www.profinance.ru Open in urlscan Pro
81.177.34.158 Public Scan

Go To Rescan
Add Verdict Report

URL:
https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Submission: On August 25 via manual (August 25th 2021, 9:52:12 am UTC) from UA

Summary HTTP 99 Redirects Behaviour Indicators

Summary

This website contacted 38 IPs in 8 countries across 34 domains to perform 99 HTTP transactions. The main IP is 81.177.34.158, located in Moscow, Russian Federation and belongs to RTCOMM-AS, RU. The main domain is www.profinance.ru.
TLS certificate: Issued by R3 on August 8th 2021. Valid for: 3 months.

This is the only time www.profinance.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	81.177.34.158 81.177.34.158	8342 (RTCOMM-AS) (RTCOMM-AS)
2 7	2a02:6b8:20::215 2a02:6b8:20::215	13238 (YANDEX) (YANDEX)
1 5	2a02:6b8::90 2a02:6b8::90	13238 (YANDEX) (YANDEX)
7	2a00:1450:400... 2a00:1450:4001:800::2002	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8::16b 2a02:6b8::16b	13238 (YANDEX) (YANDEX)
3	2a02:2638::3 2a02:2638::3	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	185.184.8.65 185.184.8.65	204995 (RTB-HOUSE...) (RTB-HOUSE-AMS)
2 3	193.232.148.143 193.232.148.143	48061 (UMA-TECH-AS) (UMA-TECH-AS)
1	2a00:1148:db0... 2a00:1148:db00::17	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
3 9	188.42.191.196 188.42.191.196	7979 (SERVERS-COM) (SERVERS-COM)
1	188.40.68.29 188.40.68.29	24940 (HETZNER-AS) (HETZNER-AS)
1 2	144.76.118.200 144.76.118.200	24940 (HETZNER-AS) (HETZNER-AS)
1	195.209.111.20 195.209.111.20	52007 (ADRIVER-AS) (ADRIVER-AS)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
1	2a00:1450:400... 2a00:1450:4001:828::2008	15169 (GOOGLE) (GOOGLE)
3	217.69.133.145 217.69.133.145	47764 (MAILRU-AS...) (MAILRU-AS Mail.Ru)
1 2	88.212.201.216 88.212.201.216	39134 (UNITEDNET) (UNITEDNET)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
2	178.250.0.165 178.250.0.165	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	151.236.71.146 151.236.71.146	204720 (CDNETWORKS) (CDNETWORKS)
7 7	3.64.77.7 3.64.77.7	16509 (AMAZON-02) (AMAZON-02)
1 1	185.29.132.241 185.29.132.241	30419 (MEDIAMATH...) (MEDIAMATH-INC)
2 2	216.52.2.30 216.52.2.30	30282 (AS-INAPCD...) (AS-INAPCDN-OCY)
7 8	31.172.81.160 31.172.81.160	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	216.58.212.162 216.58.212.162	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82a::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:811::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
5	81.177.34.153 81.177.34.153	8342 (RTCOMM-AS) (RTCOMM-AS)
1 1	47.252.78.131 47.252.78.131	45102 (CNNIC-ALI...) (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co.)
7	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1 2	2a00:1450:400... 2a00:1450:4001:828::2004	15169 (GOOGLE) (GOOGLE)
2 2	89.108.119.43 89.108.119.43	197695 (AS-REG) (AS-REG)
2 2	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1 1	31.172.81.158 31.172.81.158	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 2	2a02:2638:1::13 2a02:2638:1::13	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1	178.250.0.157 178.250.0.157	44788 (ASN-CRITE...) (ASN-CRITEO-EUROPE)
1 1	2.19.35.65 2.19.35.65	16625 (AKAMAI-AS) (AKAMAI-AS)
2	104.109.78.125 104.109.78.125	16625 (AKAMAI-AS) (AKAMAI-AS)
1	69.173.144.139 69.173.144.139	26667 (RUBICONPR...) (RUBICONPROJECT)
1 2	2001:6d0:4001... 2001:6d0:4001::226	52016 (TNSMSK-) (TNSMSK-)
1 2	52.58.206.142 52.58.206.142	16509 (AMAZON-02) (AMAZON-02)
1	51.89.9.254 51.89.9.254	16276 (OVH) (OVH)
1	82.145.213.8 82.145.213.8	39832 (NO-OPERA) (NO-OPERA)
99	38

17 81.177.34.158 (Moscow, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

www.profinance.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a02:6b8:20::215 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::90 (Moscow, Russian Federation) 1 redirects

ASN13238 (YANDEX, RU)

an.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:800::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8::16b (Moscow, Russian Federation)

ASN13238 (YANDEX, RU)

matchid.adfox.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a02:2638::3 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

static.criteo.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.184.8.65 (Amsterdam, Netherlands)

ASN204995 (RTB-HOUSE-AMS, PL)
PTR: ip-185-184-8-65.rtbhouse.net

adfox-c2s-ams.creativecdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.232.148.143 (Russian Federation) 2 redirects

ASN48061 (UMA-TECH-AS, RU)
PTR: smtp4.sender.ltmse.com

px.adhigh.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1148:db00::17 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)

ad.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 188.42.191.196 (Luxembourg) 3 redirects

ASN7979 (SERVERS-COM, US)

ads.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 188.40.68.29 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.29.68.40.188.clients.your-server.de

yhb.p.otm-r.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 144.76.118.200 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: static.200.118.76.144.clients.your-server.de

exchange.buzzoola.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 195.209.111.20 (Russian Federation)

ASN52007 (ADRIVER-AS, RU)

pb.adriver.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:828::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 217.69.133.145 (Russian Federation)

ASN47764 (MAILRU-AS Mail.Ru, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 88.212.201.216 (Russian Federation) 1 redirects

ASN39134 (UNITEDNET, RU)
PTR: host216.rax.ru

counter.yadro.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.250.0.165 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)
PTR: bidder.par.vip.prod.criteo.com

bidder.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 151.236.71.146 (Moscow, Russian Federation)

ASN204720 (CDNETWORKS, RU)

cache.betweendigital.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 3.64.77.7 (Frankfurt am Main, Germany) 7 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-3-64-77-7.eu-central-1.compute.amazonaws.com

x.bidswitch.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.29.132.241 (United Kingdom) 1 redirects

ASN30419 (MEDIAMATH-INC, US)

sync.mathtag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 216.52.2.30 (United States) 2 redirects

ASN30282 (AS-INAPCDN-OCY, US)

ap.lijit.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

8 31.172.81.160 (Germany) 7 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync.bumlam.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
sync3.adsniper.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 216.58.212.162 (Mountain View, United States)

ASN15169 (GOOGLE, US)
PTR: fra24s01-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82a::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:811::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 81.177.34.153 (Moscow, Russian Federation)

ASN8342 (RTCOMM-AS, RU)

charts.profinance.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 47.252.78.131 (United States) 1 redirects

ASN45102 (CNNIC-ALIBABA-US-NET-AP Alibaba US Technology Co., Ltd., CN)

event.clientgear.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 89.108.119.43 (Russian Federation) 2 redirects

ASN197695 (AS-REG, RU)
PTR: d51370.reg.regrucolo.ru

x01.aidata.io	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.184.226 (United States) 2 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 31.172.81.158 (Germany) 1 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)

sync3.sniperlog.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a02:2638:1::13 (France) 1 redirects

ASN44788 (ASN-CRITEO-EUROPE, FR)

gum.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 178.250.0.157 (France)

ASN44788 (ASN-CRITEO-EUROPE, FR)

mug.criteo.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2.19.35.65 (Frankfurt am Main, Germany) 1 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-19-35-65.deploy.static.akamaitechnologies.com

secure-assets.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.109.78.125 (Frankfurt am Main, Germany)

ASN16625 (AKAMAI-AS, US)
PTR: a104-109-78-125.deploy.static.akamaitechnologies.com

eus.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 69.173.144.139 (Frankfurt am Main, Germany)

ASN26667 (RUBICONPROJECT, US)

token.rubiconproject.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2001:6d0:4001::226 (Russian Federation) 1 redirects

ASN52016 (TNSMSK-, RU)

www.tns-counter.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 52.58.206.142 (Frankfurt am Main, Germany) 1 redirects

ASN16509 (AMAZON-02, US)
PTR: ec2-52-58-206-142.eu-central-1.compute.amazonaws.com

ad.360yield.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 51.89.9.254 (London, United Kingdom)

ASN16276 (OVH, FR)
PTR: ip254.ip-51-89-9.eu

onetag-sys.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 82.145.213.8 (Norway)

ASN39832 (NO-OPERA, NO)
PTR: n-sysadmin-jumpbox-03.feednews.opera.technology

t.adx.opera.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	profinance.ru www.profinance.ru charts.profinance.ru	118 KB
14	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	237 KB
10	betweendigital.com 3 redirects ads.betweendigital.com cache.betweendigital.com	28 KB
9	doubleclick.net 2 redirects googleads.g.doubleclick.net cm.g.doubleclick.net	31 KB
8	yandex.ru 2 redirects an.yandex.ru matchid.adfox.yandex.ru mc.yandex.ru	188 KB
7	yandex.com 2 redirects mc.yandex.com	3 KB
7	bidswitch.net 7 redirects x.bidswitch.net	3 KB
7	yastatic.net 2 redirects yastatic.net	293 KB
6	bumlam.com 5 redirects sync.bumlam.com	3 KB
5	criteo.com 1 redirects bidder.criteo.com gum.criteo.com mug.criteo.com	6 KB
4	rubiconproject.com 1 redirects secure-assets.rubiconproject.com eus.rubiconproject.com token.rubiconproject.com	11 KB
4	mail.ru ad.mail.ru top-fwz1.mail.ru	13 KB
3	google.com 1 redirects adservice.google.com www.google.com	1 KB
3	adhigh.net 2 redirects px.adhigh.net	1 KB
3	criteo.net static.criteo.net	39 KB
2	360yield.com 1 redirects ad.360yield.com	845 B
2	tns-counter.ru 1 redirects www.tns-counter.ru	704 B
2	aidata.io 2 redirects x01.aidata.io	1 KB
2	adsniper.ru 2 redirects sync3.adsniper.ru	1 KB
2	googletagservices.com www.googletagservices.com	64 KB
2	lijit.com 2 redirects ap.lijit.com	1 KB
2	yadro.ru 1 redirects counter.yadro.ru	2 KB
2	buzzoola.com 1 redirects exchange.buzzoola.com	863 B
1	opera.com t.adx.opera.com	393 B
1	onetag-sys.com onetag-sys.com	823 B
1	sniperlog.ru 1 redirects sync3.sniperlog.ru	297 B
1	clientgear.com 1 redirects event.clientgear.com	261 B
1	google.de adservice.google.de	313 B
1	googleadservices.com partner.googleadservices.com	659 B
1	mathtag.com 1 redirects sync.mathtag.com	687 B
1	google-analytics.com ssl.google-analytics.com	17 KB
1	adriver.ru pb.adriver.ru	305 B
1	otm-r.com yhb.p.otm-r.com	255 B
1	creativecdn.com adfox-c2s-ams.creativecdn.com	211 B
99	34

	Domain	Requested by
17	www.profinance.ru	www.profinance.ru
9	ads.betweendigital.com	3 redirects yastatic.net www.profinance.ru
7	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
7	mc.yandex.com	2 redirects www.profinance.ru mc.yandex.ru
7	x.bidswitch.net	7 redirects
7	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	pagead2.googlesyndication.com	www.profinance.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
7	yastatic.net	2 redirects yastatic.net
6	sync.bumlam.com	5 redirects www.profinance.ru
5	charts.profinance.ru	www.profinance.ru
5	an.yandex.ru	1 redirects www.profinance.ru
3	top-fwz1.mail.ru	www.profinance.ru top-fwz1.mail.ru
3	px.adhigh.net	2 redirects www.profinance.ru
3	static.criteo.net	yastatic.net www.profinance.ru
2	ad.360yield.com	1 redirects
2	www.tns-counter.ru	1 redirects
2	eus.rubiconproject.com	cache.betweendigital.com eus.rubiconproject.com
2	gum.criteo.com	1 redirects static.criteo.net
2	cm.g.doubleclick.net	2 redirects
2	x01.aidata.io	2 redirects
2	sync3.adsniper.ru	2 redirects
2	www.google.com	1 redirects tpc.googlesyndication.com
2	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
2	ap.lijit.com	2 redirects
2	bidder.criteo.com	static.criteo.net
2	counter.yadro.ru	1 redirects www.profinance.ru
2	mc.yandex.ru	1 redirects www.profinance.ru
2	exchange.buzzoola.com	1 redirects www.profinance.ru
1	t.adx.opera.com
1	onetag-sys.com	cache.betweendigital.com
1	token.rubiconproject.com	eus.rubiconproject.com
1	secure-assets.rubiconproject.com	1 redirects
1	mug.criteo.com
1	sync3.sniperlog.ru	1 redirects
1	event.clientgear.com	1 redirects
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	sync.mathtag.com	1 redirects
1	cache.betweendigital.com	ads.betweendigital.com
1	ssl.google-analytics.com	www.profinance.ru
1	pb.adriver.ru	yastatic.net
1	yhb.p.otm-r.com	yastatic.net
1	ad.mail.ru	yastatic.net
1	adfox-c2s-ams.creativecdn.com	yastatic.net
1	matchid.adfox.yandex.ru	yastatic.net
99	46

This site contains no links.

Subject Issuer	Validity	Valid
profinance.ru R3	`2021-08-08` - `2021-11-06`	3 months	crt.sh
bs.yandex.ru Yandex CA	`2021-05-31` - `2021-11-29`	6 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
matchid.adfox.yandex.ru Yandex CA	`2021-03-16` - `2021-09-08`	6 months	crt.sh
*.criteo.net DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
*.creativecdn.com RapidSSL TLS DV RSA Mixed SHA256 2020 CA-1	`2021-03-30` - `2022-04-12`	a year	crt.sh
ltmse.com R3	`2021-07-30` - `2021-10-28`	3 months	crt.sh
*.mail.ru GeoTrust ECC CA 2018	`2020-11-13` - `2021-11-17`	a year	crt.sh
ads.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2020-11-19` - `2021-12-20`	a year	crt.sh
*.p.otm-r.com Sectigo RSA Domain Validation Secure Server CA	`2020-01-27` - `2022-02-06`	2 years	crt.sh
*.buzzoola.com Sectigo RSA Domain Validation Secure Server CA	`2020-06-30` - `2022-09-28`	2 years	crt.sh
*.adriver.ru RapidSSL RSA CA 2018	`2020-04-03` - `2022-04-24`	2 years	crt.sh
*.yastatic.net Yandex CA	`2021-08-18` - `2022-02-16`	6 months	crt.sh
mc.yandex.ru Yandex CA	`2021-07-28` - `2022-01-07`	5 months	crt.sh
*.google-analytics.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
counter.yadro.ru GoGetSSL ECC DV CA	`2020-02-02` - `2022-05-02`	2 years	crt.sh
*.criteo.com DigiCert TLS Hybrid ECC SHA384 2020 CA1	`2021-06-27` - `2021-09-24`	3 months	crt.sh
cache.betweendigital.com Sectigo RSA Domain Validation Secure Server CA	`2019-11-08` - `2022-02-05`	2 years	crt.sh
*.bumlam.com R3	`2021-07-01` - `2021-09-29`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.de GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
charts.profinance.ru R3	`2021-08-15` - `2021-11-13`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
www.google.com GTS CA 1C3	`2021-07-26` - `2021-10-18`	3 months	crt.sh
*.rubiconproject.com DigiCert TLS RSA SHA256 2020 CA1	`2021-04-01` - `2022-04-04`	a year	crt.sh
*.tns-counter.ru GlobalSign ECC OV SSL CA 2018	`2020-11-10` - `2021-12-12`	a year	crt.sh
*.360yield.com Amazon	`2021-07-29` - `2022-08-27`	a year	crt.sh
onetag-sys.com R3	`2021-07-26` - `2021-10-24`	3 months	crt.sh
*.adx.opera.com DigiCert TLS RSA SHA256 2020 CA1	`2021-05-14` - `2022-06-10`	a year	crt.sh

This page contains 13 frames:

Primary Page: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Frame ID: 57B02A75A38AFBE4CAB9DA0480E27345
Requests: 68 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html
Frame ID: 0EE45AB5084B72A03C3242D76CAC2669
Requests: 1 HTTP requests in this frame

Frame: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=3b0d1339-1487-52ed-a516-c5c6c430d77f&CACHEBUSTER=913600
Frame ID: E96605480A814701A37CA3F0389A3444
Requests: 7 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2822498309427835&output=html&adk=1812271804&adf=3025194257&lmt=1629885113&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113408&bpp=3&bdt=480&idt=103&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=122
Frame ID: DA37F22AD54429D58A702E74CDD05878
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2215967389951060&output=html&h=90&slotname=3234201456&adk=1115765410&adf=683863926&pi=t.ma~as.3234201456&w=728&lmt=1629885113&psa=0&format=728x90&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113411&bpp=2&bdt=484&idt=126&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sQbYO3KQnh&p=https%3A//www.profinance.ru&dtd=142
Frame ID: 372DE369DD3B4148BED4DFF259DDFCCD
Requests: 10 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2215967389951060&output=html&h=300&slotname=7382055056&adk=3865379618&adf=3175363789&pi=t.ma~as.7382055056&w=0&lmt=1629885113&rafmt=12&psa=0&format=0x300&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113413&bpp=1&bdt=486&idt=173&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6426478425865&frm=20&pv=1&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ConeEr%7C&abl=CS&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=odULx9QPHa&p=https%3A//www.profinance.ru&dtd=209
Frame ID: 1F2856647D75B22643853A28B4BE5307
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 15DA81605F91563B4A2D241894BBEB30
Requests: 2 HTTP requests in this frame

Frame: https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.profinance.ru
Frame ID: 158633DC6D4E32B46A25E9E9E74264B3
Requests: 2 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js
Frame ID: 508954CC71F7637893646B1EA615721C
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 2F310CF7AB846973213A8EE340502E8E
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 4871D01FBE0F8700954442EE0399006D
Requests: 1 HTTP requests in this frame

Frame: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Frame ID: 1A785C34B4E1417B229FB97C9DB1E53F
Requests: 3 HTTP requests in this frame

Frame: https://onetag-sys.com/usync/?pubId=5d1628750185ace
Frame ID: 8551682B5FDE8C27FD196CDDEEF45D50
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

USDUAH ChartPFSiChart

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /google-analytics\.com\/(?:ga|urchin|analytics)\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

99
Requests

99 %
HTTPS

38 %
IPv6

34
Domains

46
Subdomains

38
IPs

8
Countries

1049 kB
Transfer

3713 kB
Size

16
Cookies

0 Outgoing links

These are links going to different origins than the main page.

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 1

https://yastatic.net/pcode/adfox/header-bidding.js HTTP 302
https://an.yandex.ru/system/header-bidding.js

Request Chain 3

https://yastatic.net/pcode/adfox/loader.js HTTP 302
https://an.yandex.ru/system/adfox.js

Request Chain 9

https://px.adhigh.net/rtb/yandex_hb HTTP 307
https://px.adhigh.net/rtb/yandex_hb?bounced=1

Request Chain 13

https://exchange.buzzoola.com/ssp/adfox HTTP 307
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

Request Chain 20

https://ads.betweendigital.com/sspmatch-js?p=43185&randsalt=2192688937 HTTP 302
https://ads.betweendigital.com/sspmatch-js?p=43185&randsalt=2192688937&crf=1

Request Chain 24

https://counter.yadro.ru/hit?t29.3;r;s1600*1200*24;uhttps%3A//www.profinance.ru/charts/2017-0526/728x90/%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D;0.9787491066905465 HTTP 302
https://counter.yadro.ru/hit?q;t29.3;r;s1600*1200*24;uhttps%3A//www.profinance.ru/charts/2017-0526/728x90/%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D;0.9787491066905465

Request Chain 41

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://x.bidswitch.net/ul_cb/sync?ssp=between HTTP 302
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dd9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56&gdpr=&gdpr_consent= HTTP 302
https://x.bidswitch.net/sync?dsp_id=80&user_id=46f56126-12b9-4100-9165-63abe29452d2&expires=30&ssp=between&bsw_param=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56&gdpr=&gdpr_consent= HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56

Request Chain 42

https://px.adhigh.net/p/cm/btw HTTP 302
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LHChpkxidmj.AikABlF7fLkkeQ

Request Chain 43

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID HTTP 307
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true HTTP 307
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=fb1ae46a73916a2a063582cb

Request Chain 55

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9376.YFlONaMLIunCg78FwZIEz2etCQWQ4RAweqJ1oDXTNot_Co-deNDIwEASk6E8AiBQ.afNvpXoyetVftPe56PMURpRz3WQ%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9376.vmt1HuoI4fVahUtbIH23Lcy1RxNw2Ru_ttcaKMv7jG2pl6ZPabP4yunH5HbxjwTc0t2GaH2F4mXM1PKWQN-qy6tfAVYs2ErNWpKNQifrWK8%2C.8QjZqpaNssQMrLbkqCkOifO9Sr0%2C

Request Chain 60

https://x.bidswitch.net/sync?ssp=between HTTP 302
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56 HTTP 302
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk824cfb8c-ca82-4809-858d-4daee8aa033c&expires=7&user_group=5&ssp=between&bsw_param=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56 HTTP 302
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56

Request Chain 61

https://mc.yandex.com/watch/65372980?wmode=7&page-url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A578098479986%3Ahid%3A631986389%3Az%3A120%3Ai%3A20210825115153%3Aet%3A1629885114%3Ac%3A1%3Arn%3A272608199%3Au%3A1629885114737526589%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629885112657%3Ads%3A1%2C139%2C123%2C1%2C1%2C0%2C%2C416%2C4%2C%2C%2C%2C686%3Adsn%3A2%2C139%2C123%2C1%2C0%2C0%2C%2C418%2C4%2C%2C%2C%2C686%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629885114%3At%3AUSDUAH%20Chart HTTP 302
https://mc.yandex.com/watch/65372980/1?wmode=7&page-url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A578098479986%3Ahid%3A631986389%3Az%3A120%3Ai%3A20210825115153%3Aet%3A1629885114%3Ac%3A1%3Arn%3A272608199%3Au%3A1629885114737526589%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629885112657%3Ads%3A1%2C139%2C123%2C1%2C1%2C0%2C%2C416%2C4%2C%2C%2C%2C686%3Adsn%3A2%2C139%2C123%2C1%2C0%2C0%2C%2C418%2C4%2C%2C%2C%2C686%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629885114%3At%3AUSDUAH%20Chart

Request Chain 70

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

Request Chain 72

https://sync.bumlam.com/?src=aid0 HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi6pZiJBlIFl4XSlAY* HTTP 302
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi6pZiJBlIFl4XSlAaiARAUNekiBYoR7IbgACWQwGR8 HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQABi6pZiJBqIBEBQ16SIFihHshuAAJZDAZHw* HTTP 302
https://sync.bumlam.com/?src=aid0&s_data=CAIQARi6pZiJBqIBEBQ16SIFihHshuAAJZDAZHw* HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=1435e922-058a-11ec-86e0-002590c0647c HTTP 302
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=1435e922-058a-11ec-86e0-002590c0647c&bounce=1 HTTP 302
https://sync.bumlam.com/?src=aid1&uid=sXIsAfdDoU1Bw3OnitHI1g& HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=sXIsAfdDoU1Bw3OnitHI1g&extra2=aidata HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=sXIsAfdDoU1Bw3OnitHI1g&extra2=aidata&google_tc= HTTP 302
https://sync3.sniperlog.ru/?src=ggl&extra1=sXIsAfdDoU1Bw3OnitHI1g&extra2=aidata&google_gid=CAESEJOIfcarf9fvkpB_Atv2MU8&google_cver=1 HTTP 301
https://sync.bumlam.com/?src=ggl&extra1=sXIsAfdDoU1Bw3OnitHI1g&extra2=aidata&google_gid=CAESEJOIfcarf9fvkpB_Atv2MU8&google_cver=1 HTTP 302
https://an.yandex.ru/setud/adsniper/6ce9fa11362929d8?sign=2766869605 HTTP 302
https://an.yandex.ru/setud/adsniper/6ce9fa11362929d8?redir-setuniq=1&sign=2766869605

Request Chain 78

https://gum.criteo.com/sid/json?origin=publishertag&domain=profinance.ru&sn=ChromeSyncframe&so=0&topUrl=www.profinance.ru&cw=1 HTTP 302
https://mug.criteo.com/sid?cpp=Eei20HxSMHN3RXVLbHBjazk4R2lRdURoMnFSRnZ2VGNCWWVUZGp4SkRXbnUwNHhyRldZaEZjdHBBbFdRdmlYNzhHK1dUZVFGVU5uekQyZ2tudi91TkJnZGYzUVVlRVpndmRnUThSem5hUEtnQm5ZVUE4NkdoaGtjWTVHQ1BXejFyVVdmQk9IbjlUWjJEQ0FaVkYvUEVNYVFPUWorYUJ5aXpXb1BKMFp2QlBvUTltWUhCbUloZWxJOHpJeUhlaGtHVTZnYTVBM2VYNWJvc1BtTytKUm5kblVtb08wVXdJdzRHMFREdlk3NW9HRG4zNDZrPXw&cppv=2

Request Chain 89

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu HTTP 301
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

Request Chain 92

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/913600 HTTP 302
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/913600

Request Chain 93

https://x.bidswitch.net/sync?dsp_id=429&user_id=3b0d1339-1487-52ed-a516-c5c6c430d77f&expires=60 HTTP 302
https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=3b0d1339-1487-52ed-a516-c5c6c430d77f&expires=60 HTTP 302
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=8c0aca81-5277-4c0e-be54-f3bc3be047a3 HTTP 302
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=8c0aca81-5277-4c0e-be54-f3bc3be047a3

Request Chain 95

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F3b0d1339-1487-52ed-a516-c5c6c430d77f HTTP 302
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F3b0d1339-1487-52ed-a516-c5c6c430d77f&crf=1 HTTP 302
https://an.yandex.ru/mapuid/betweendigitalis/3b0d1339-1487-52ed-a516-c5c6c430d77f

99 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2 200 Primary Request / Show response
www.profinance.ru/charts/2017-0526/728x90/ 12 KB
5 KB 264ms
123ms Document
text/html 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9a356564c14277da14f1d0fd222099c96849b37ce5dbd788022647fc2864b15b

Request headers

:method: GET
:authority: www.profinance.ru
:scheme: https
:path: /charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: none
sec-fetch-mode: navigate
sec-fetch-user: ?1
sec-fetch-dest: document
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:52 GMT
content-type: text/html; charset=utf-8
server: nginx
content-encoding: gzip
vary: Accept-Encoding
x-location: .php@news1
x-conf: www-to-news1

GET
H2 200 jquery-1.12.4.min.js Show response
www.profinance.ru/js/ 95 KB
33 KB 65ms
64ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/js/jquery-1.12.4.min.js
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404

Request headers

:path: /js/jquery-1.12.4.min.js
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:52 GMT
content-encoding: gzip
last-modified: Fri, 20 May 2016 17:18:54 GMT
server: nginx
etag: W/"573f46fe-17b8b"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:52 GMT

GET
H2

200

header-bidding.js Show response
an.yandex.ru/system/
Redirect Chain

https://yastatic.net/pcode/adfox/header-bidding.js
https://an.yandex.ru/system/header-bidding.js

152 KB
39 KB

149ms
54ms

Script
text/javascript

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/header-bidding.js

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4a21b26cab7b5e9edd19fa1796f841302465acbb4f2341e540e8bba1a313e2f7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 1125283095
x-yandex-req-id: 1629885113173237-683825299119449085600274-production-app-host-sas-pcode-102
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 25 Aug 2021 10:51:53 GMT

Redirect headers

date: Wed, 25 Aug 2021 09:51:53 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://an.yandex.ru/system/header-bidding.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 pf_hb.js Show response
www.profinance.ru/js/ 18 KB
1 KB 65ms
64ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/js/pf_hb.js?2021040101
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2c967cac40158b4a25c3f77d4123e5d9c203f5527322e6d51b6469df29abe2ae

Request headers

:path: /js/pf_hb.js?2021040101
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:52 GMT
content-encoding: gzip
last-modified: Thu, 01 Apr 2021 09:00:13 GMT
server: nginx
etag: W/"60658b9d-48d0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:52 GMT

GET
H2

200

adfox.js Show response
an.yandex.ru/system/
Redirect Chain

https://yastatic.net/pcode/adfox/loader.js
https://an.yandex.ru/system/adfox.js

286 KB
76 KB

149ms
62ms

Script
text/javascript

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://an.yandex.ru/system/adfox.js

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

4d8541abc166fd8983533212451a2bccd26461c738bf270d3c57d53d9cb1f357

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
strict-transport-security: max-age=31536000
content-encoding: br
etag: 1304348112
x-yandex-req-id: 1629885113167098-1451081410699605051000274-production-app-host-sas-pcode-51
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=3600
x-robots-tag: noindex, noarchive, nofollow
expires: Wed, 25 Aug 2021 10:51:53 GMT

Redirect headers

date: Wed, 25 Aug 2021 09:51:53 GMT
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
server: nginx/1.17.9
location: https://an.yandex.ru/system/adfox.js
vary: Accept-Encoding
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
access-control-allow-origin: *
strict-transport-security: max-age=43200000; includeSubDomains;
timing-allow-origin: *
content-length: 0

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
49 KB 27ms
25ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

426a757eb419bbff4f11f14b102f2038864ff3a9c12b4363971969f98596b5d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 49969
x-xss-protection: 0
server: cafe
etag: 1338352877474205345
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 09:51:53 GMT

GET
H2 200 tgbnr.js Show response
www.profinance.ru/js/ 2 KB
1 KB 65ms
65ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/js/tgbnr.js?2020120603
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d7b6ed9e8166c815f86b056bb3caa013f5ac25dd030cc17ebe1b3fc2ebf06bbb

Request headers

:path: /js/tgbnr.js?2020120603
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:52 GMT
content-encoding: gzip
last-modified: Sun, 06 Dec 2020 21:34:14 GMT
server: nginx
etag: W/"5fcd4e56-670"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:52 GMT

GET
H2 200 getcookie Show response
matchid.adfox.yandex.ru/ 88 B
374 B 138ms
49ms XHR
application/json 2a02:6b8::16b
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://matchid.adfox.yandex.ru/getcookie

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js

Protocol

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

2a02:6b8::16b Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

a77b5b144c3f56851014d4bebe38caa29c8316b127265f73e61e3d772a27ef87

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: https://www.profinance.ru
date: Wed, 25 Aug 2021 09:51:53 GMT
access-control-allow-credentials: true
timing-allow-origin: *
content-length: 88
x-content-type-options: nosniff
content-type: application/json

GET
H2 200 publishertag.js Show response
static.criteo.net/js/ld/ 118 KB
39 KB 71ms
24ms Script
text/javascript 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://static.criteo.net/js/ld/publishertag.js
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: 3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Thu, 12 Aug 2021 15:58:03 GMT
server: nginx
etag: W/"6115450b-1d808"
content-type: text/javascript
access-control-allow-origin: *
cache-control: max-age=86400, public
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
expires: Thu, 26 Aug 2021 09:51:53 GMT

POST
H2 204 bids Show response
adfox-c2s-ams.creativecdn.com/bidder/adfox/ 0
211 B 73ms
26ms XHR
application/json 185.184.8.65
RTB-HOUSE-AMS

General

Check archive.org

Show headers Download Go to

Full URL: https://adfox-c2s-ams.creativecdn.com/bidder/adfox/bids
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.184.8.65 Amsterdam, Netherlands, ASN204995 (RTB-HOUSE-AMS, PL),
Reverse DNS: ip-185-184-8-65.rtbhouse.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.profinance.ru
date: Wed, 25 Aug 2021 09:51:53 GMT
access-control-allow-credentials: true
access-control-max-age: 3600
vary: Origin
access-control-allow-methods: POST
content-type: application/json;charset=utf-8

POST
H2

200

yandex_hb Show response
px.adhigh.net/rtb/
Redirect Chain

https://px.adhigh.net/rtb/yandex_hb
https://px.adhigh.net/rtb/yandex_hb?bounced=1

11 B
319 B

61ms
61ms

XHR
application/json

193.232.148.143
UMA-TECH-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://px.adhigh.net/rtb/yandex_hb?bounced=1
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 193.232.148.143 , Russian Federation, ASN48061 (UMA-TECH-AS, RU),
Reverse DNS: smtp4.sender.ltmse.com
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:53 GMT
server: nginx
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
access-control-allow-origin: https://www.profinance.ru
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-type: application/json;charset=utf-8
content-length: 11
expires: Thu, 01 Jan 1970 00:00:00 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:53 GMT
server: nginx
access-control-allow-origin: https://www.profinance.ru
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://px.adhigh.net/rtb/yandex_hb?bounced=1
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

POST
H/1.1 200
OK / Show response
ad.mail.ru/hbid_yandex/ 11 B
340 B 174ms
86ms XHR
application/json 2a00:1148:db00::17
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL: https://ad.mail.ru/hbid_yandex/
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_ECDSA, AES_256_GCM
Server: 2a00:1148:db00::17 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),
Reverse DNS
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Date: Wed, 25 Aug 2021 09:51:53 GMT
Server: nginx
Transfer-Encoding: chunked
Content-Type: application/json
Access-Control-Allow-Origin: https://www.profinance.ru
Cache-Control: private, no-cache, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Timing-Allow-Origin: *

POST
H2 200 adjson Show response
ads.betweendigital.com/ 78 KB
21 KB 229ms
152ms XHR
application/json 188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/adjson?t=adfox
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: aea24c5eb275168730be530f4f40ea9ba14e68b73bb652926d79306f0f9ce304

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.profinance.ru
cache-control: no-cache, no-store, max-age=0, must-revalidate
access-control-allow-credentials: true
content-encoding: gzip
vary: Accept-Encoding
content-type: application/json

POST
H2 200 yhb Show response
yhb.p.otm-r.com/ 11 B
255 B 122ms
43ms XHR
text/plain 188.40.68.29
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://yhb.p.otm-r.com/yhb
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 188.40.68.29 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.29.68.40.188.clients.your-server.de
Software: nginx/1.21.0 /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

access-control-allow-origin: https://www.profinance.ru
date: Wed, 25 Aug 2021 09:51:53 GMT
access-control-allow-credentials: true
server: nginx/1.21.0
content-length: 11
vary: Origin
content-type: text/plain; charset=utf-8

POST
H2

200

adfox Show response
exchange.buzzoola.com/ssp/
Redirect Chain

https://exchange.buzzoola.com/ssp/adfox
https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t

11 B
321 B

85ms
74ms

XHR
text/plain

144.76.118.200
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://exchange.buzzoola.com/ssp/adfox?set_buzzoola_cookie=t
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 144.76.118.200 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.200.118.76.144.clients.your-server.de
Software: nginx /
Resource Hash: 846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
server: nginx
serverid: TODO
content-type: text/plain; charset=utf-8
access-control-allow-origin: https://www.profinance.ru
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 11

Redirect headers

date: Wed, 25 Aug 2021 09:51:53 GMT
server: nginx
access-control-allow-origin: https://www.profinance.ru
etag: W/"31b4a416a1885ae4deab91510a3066c8af121297d63a12d4a7824f43e9392684"
serverid: TODO
location: /ssp/adfox?set_buzzoola_cookie=t
access-control-expose-headers: Set-Cookie, Etag
access-control-allow-credentials: true
access-control-allow-headers: Set-Cookie, X-Alt-Referer, X-First-Party-Cookie, If-None-Match
content-length: 0

POST
H/1.1 204
No Content bid.cgi Show response
pb.adriver.ru/cgi-bin/ 0
305 B 257ms
71ms XHR
text/plain 195.209.111.20
ADRIVER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://pb.adriver.ru/cgi-bin/bid.cgi
Requested by: Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/header-bidding.js
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 195.209.111.20 , Russian Federation, ASN52007 (ADRIVER-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

Access-Control-Allow-Origin: https://www.profinance.ru
Pragma: no-cache
Date: Wed, 25 Aug 2021 09:51:53 GMT
Cache-control: no-cache, max-age=0, must-revalidate, no-store
Access-Control-Allow-Credentials: true
Connection: keep-alive
Expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2 200 ca885e1cf81ce6a6f9a5.js Show response
yastatic.net/partner-code-bundles/42935/ 77 KB
17 KB 58ms
57ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42935/ca885e1cf81ce6a6f9a5.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

45fa0a2c384ad5d4eb30b0adda03bdf9ca557fc9ca458c86179eb1e99525b197

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.profinance.ru
Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 16813
last-modified: Tue, 24 Aug 2021 15:14:25 GMT
server: nginx/1.17.9
etag: "5a6a4ef044e338d57bfd17e95ed49a04"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2051 16:23:20 GMT

GET
H2 200 host.js Show response
yastatic.net/safeframe-bundles/0.82/ 33 KB
9 KB 130ms
128ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/safeframe-bundles/0.82/host.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.profinance.ru
Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 8879
last-modified: Mon, 28 Jun 2021 10:29:24 GMT
server: nginx/1.17.9
etag: "e4627697ff619d2b610d2b2fee975531"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2051 16:27:47 GMT

GET
H2 200 0eef44f1420b44042a65.js Show response
yastatic.net/partner-code-bundles/42935/ 13 KB
5 KB 61ms
61ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42935/0eef44f1420b44042a65.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

34f40e0062abb20d76c094126c7560d42bf17051ec7f8fddc3e48a5d93e7a452

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.profinance.ru
Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 4447
last-modified: Tue, 24 Aug 2021 15:14:25 GMT
server: nginx/1.17.9
etag: "22d709a00ba3e13e2c743395b9a88aac"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2051 16:23:20 GMT

GET
H2 200 848f390681c93fd184a1.js Show response
yastatic.net/partner-code-bundles/42935/ 1 MB
200 KB 92ms
92ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42935/848f390681c93fd184a1.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

7f916ceba8d0a8c3e58967d455df674801254dc9071a19acf67cc283b272c895

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.profinance.ru
Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 203870
last-modified: Tue, 24 Aug 2021 15:14:25 GMT
server: nginx/1.17.9
etag: "d265017d22b44b056574ff2a3e89d696"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2051 16:23:20 GMT

GET
H2 200 3b7313e9b109f70b74c0.js Show response
yastatic.net/partner-code-bundles/42935/ 337 KB
62 KB 130ms
129ms Script
text/javascript 2a02:6b8:20::215
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/partner-code-bundles/42935/3b7313e9b109f70b74c0.js

Requested by

Host: yastatic.net
URL: https://yastatic.net/pcode/adfox/loader.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

b93136da22f5cd076d3ed8e0de0b233e319b99c1846fb3fba90c54502f1769bb

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;

Request headers

Origin: https://www.profinance.ru
Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: br
vary: Accept-Encoding
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length: 62574
last-modified: Tue, 24 Aug 2021 15:14:25 GMT
server: nginx/1.17.9
etag: "e24905bdb0e04e6b8494ac04cad6a034"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: text/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=946708560
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Aug 2051 16:23:20 GMT

GET
H2

200

sspmatch-js Show response
ads.betweendigital.com/
Redirect Chain

https://ads.betweendigital.com/sspmatch-js?p=43185&randsalt=2192688937
https://ads.betweendigital.com/sspmatch-js?p=43185&randsalt=2192688937&crf=1

882 B
980 B

50ms
29ms

Script
text/javascript

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to

Full URL: https://ads.betweendigital.com/sspmatch-js?p=43185&randsalt=2192688937&crf=1
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 3d195e6a309aac02d3fd31ee17915be3fc1daeb260ee2be279fb738a07c92eae

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 882
content-type: text/javascript

Redirect headers

location: /sspmatch-js?p=43185&randsalt=2192688937&crf=1
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 224 KB
72 KB 135ms
44ms Script
application/javascript 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ff1343d1a8da5acf42773c36549ced52929ee8cb0e95eaa11acc91a3c8c76914

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: br
last-modified: Tue, 24 Aug 2021 11:44:41 GMT
etag: "6123bebf-11d30"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73008
expires: Wed, 25 Aug 2021 10:51:53 GMT

GET
H2 200 ga.js Show response
ssl.google-analytics.com/ 45 KB
17 KB 6ms
5ms Script
text/javascript 2a00:1450:4001:828::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.google-analytics.com/ga.js

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 11 Aug 2021 00:32:57 GMT
server: Golfe2
age: 3538
date: Wed, 25 Aug 2021 08:52:55 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 17168
expires: Wed, 25 Aug 2021 10:52:55 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 25 KB
11 KB 221ms
95ms Script
application/javascript 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Thu, 15 Jul 2021 18:35:46 GMT
server: nginx
etag: W/"60f08002-64db"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: *
access-control-allow-headers: *
expires: Wed, 25 Aug 2021 10:51:53 GMT

GET
H/1.1

200
OK

hit
counter.yadro.ru/
Redirect Chain

https://counter.yadro.ru/hit?t29.3;r;s1600*1200*24;uhttps%3A//www.profinance.ru/charts/2017-0526/728x90/%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D;0.9787491066905465
https://counter.yadro.ru/hit?q;t29.3;r;s1600*1200*24;uhttps%3A//www.profinance.ru/charts/2017-0526/728x90/%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D;0.9787491066905465

751 B
1 KB

64ms
64ms

Image
image/gif

88.212.201.216
UNITEDNET

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://counter.yadro.ru/hit?q;t29.3;r;s1600*1200*24;uhttps%3A//www.profinance.ru/charts/2017-0526/728x90/%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D;0.9787491066905465

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),

Reverse DNS

host216.rax.ru

Software

nginx/1.17.9 /

Resource Hash

cae5a6f0cf262529b60fa930088e213f04e6392add129055873393f4c6d33376

Security Headers

Name	Value
Strict-Transport-Security	max-age=86400

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 09:51:53 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin: *
Cache-control: no-cache
Connection: keep-alive
Content-Type: image/gif
Content-Length: 751
Expires: Mon, 24 Aug 2020 21:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Wed, 25 Aug 2021 09:51:53 GMT
Server: nginx/1.17.9
Strict-Transport-Security: max-age=86400
P3P: policyref="/w3c/p3p.xml", CP="UNI"
Location: https://counter.yadro.ru/hit?q;t29.3;r;s1600*1200*24;uhttps%3A//www.profinance.ru/charts/2017-0526/728x90/%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D;0.9787491066905465
Cache-control: no-cache
Connection: keep-alive
Content-Type: text/html
Content-Length: 32
Expires: Mon, 24 Aug 2020 21:00:00 GMT

GET
H2 200 chart.html Show response
www.profinance.ru/charts/2017-0526/ 9 KB
2 KB 63ms
63ms XHR
text/html 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/chart.html?123
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/js/jquery-1.12.4.min.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7d607736a2d8b6c1b4e067b026cf8e4d63b8b0fefe85e3d0774ae8b876bc4625

Request headers

:path: /charts/2017-0526/chart.html?123
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: cors
accept: text/html, */*; q=0.01
cache-control: no-cache
sec-fetch-dest: empty
:authority: www.profinance.ru
x-requested-with: XMLHttpRequest
:scheme: https
sec-fetch-site: same-origin
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:method: GET
Accept: text/html, */*; q=0.01
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Tue, 16 Feb 2021 11:50:54 GMT
server: nginx
etag: W/"602bb19e-22f9"
vary: Accept-Encoding
content-type: text/html; charset=utf-8
x-conf: news1-www www-to-news1

GET
H3-29 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/ 252 KB
93 KB 53ms
36ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2822498309427835&plah=www.profinance.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

503885908301e338782bcb56814eecb5011a3b0eab9affafa8456352e53b3f03

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95603
x-xss-protection: 0
server: cafe
etag: 7035239269055453974
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Wed, 25 Aug 2021 09:51:53 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/ Frame 0EE4 10 KB
5 KB 8ms
6ms Document
text/html 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210816/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210816/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.profinance.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.profinance.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 25 Aug 2021 08:37:30 GMT
expires: Wed, 08 Sep 2021 08:37:30 GMT
content-type: text/html; charset=UTF-8
etag: 8999110079160743657
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4576
x-xss-protection: 0
age: 4463
cache-control: public, max-age=1209600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 utils.js Show response
www.profinance.ru/charts/2017-0526/js/ 9 KB
3 KB 66ms
63ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/utils.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb140bbc27b6aca8da6c4fb8dba37b7632a82affbf10d4670edaf0c1a9701566

Request headers

:path: /charts/2017-0526/js/utils.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Wed, 12 Feb 2020 14:09:28 GMT
server: nginx
etag: W/"5e440718-23da"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 sse.js Show response
www.profinance.ru/charts/2017-0526/js/ 2 KB
943 B 65ms
62ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/sse.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 14cad1cdcb19a308834330297cfe2922b363e7ce17f72eb6ca404b55d7a83ca0

Request headers

:path: /charts/2017-0526/js/sse.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Wed, 29 Jul 2020 13:15:46 GMT
server: nginx
etag: W/"5f217682-74a"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 main.js Show response
www.profinance.ru/charts/2017-0526/js/ 19 KB
4 KB 66ms
58ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/main.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9346cd6c001c7e7e02ba916819ca9df8a1b72aa6a964127e9e3d662672eb3ef0

Request headers

:path: /charts/2017-0526/js/main.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Thu, 22 Oct 2020 10:21:12 GMT
server: nginx
etag: W/"5f915d18-4d74"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 search.js Show response
www.profinance.ru/charts/2017-0526/js/ 8 KB
2 KB 66ms
58ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/search.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 18d6fecbe443c652dca646d1c5f1bbd0cca19ce74ae149b9ebfa134c3605bc2b

Request headers

:path: /charts/2017-0526/js/search.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 14:54:18 GMT
server: nginx
etag: W/"5f87111a-20c4"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 pt.js Show response
www.profinance.ru/charts/2017-0526/js/ 11 KB
2 KB 66ms
59ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/pt.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 219190f0eaf194e07359de2dc3f14f6c6d54e50fab6548a4acaa15e7ca0013df

Request headers

:path: /charts/2017-0526/js/pt.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Mon, 03 Aug 2020 13:38:26 GMT
server: nginx
etag: W/"5f281352-2b15"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 tt.js Show response
www.profinance.ru/charts/2017-0526/js/ 4 KB
1 KB 109ms
92ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/tt.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: f4e84b8e69392f9d6c10ec494ee107996a94166300c414fb309764c51890557f

Request headers

:path: /charts/2017-0526/js/tt.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Fri, 31 Jul 2020 17:18:27 GMT
server: nginx
etag: W/"5f245263-1126"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 ba.js Show response
www.profinance.ru/charts/2017-0526/js/ 6 KB
2 KB 64ms
64ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/ba.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9e37cf10ad9250517534e5d969a3a95edd00952514732f97cfc2fb4d1e71ed2f

Request headers

:path: /charts/2017-0526/js/ba.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Fri, 31 Jul 2020 17:49:12 GMT
server: nginx
etag: W/"5f245998-161e"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 hid.js Show response
www.profinance.ru/charts/2017-0526/js/ 2 KB
941 B 64ms
63ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/hid.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 22a346d9726bee9afa7e03960b4e25536cd03f28744450f5af9cc32836a698b3

Request headers

:path: /charts/2017-0526/js/hid.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Thu, 22 Oct 2020 10:57:24 GMT
server: nginx
etag: W/"5f916594-755"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 history.js Show response
www.profinance.ru/charts/2017-0526/js/ 5 KB
1 KB 65ms
62ms Script
application/javascript 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/js/history.js?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: d5439bd7975f5de089c5e3defb6ac490b668e286225f8a86da968414d463b2ee

Request headers

:path: /charts/2017-0526/js/history.js?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: */*
cache-control: no-cache
sec-fetch-dest: script
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Wed, 14 Oct 2020 14:51:14 GMT
server: nginx
etag: W/"5f871062-14f0"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 styles.css
www.profinance.ru/charts/2017-0526/css/ 2 KB
775 B 109ms
93ms Stylesheet
text/css 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://www.profinance.ru/charts/2017-0526/css/styles.css?126
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: bd2e5a91aa88a2d7918d1efdc2f7ddc29037ac6ee365941c4114a89af8210062

Request headers

:path: /charts/2017-0526/css/styles.css?126
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: text/css,*/*;q=0.1
cache-control: no-cache
sec-fetch-dest: style
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
last-modified: Thu, 22 Oct 2020 10:57:13 GMT
server: nginx
etag: W/"5f916589-967"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=2592000
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2 200 start.png
www.profinance.ru/charts/2017-0526/img/ 119 B
340 B 69ms
64ms Image
image/png 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.profinance.ru/charts/2017-0526/img/start.png
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d

Request headers

:path: /charts/2017-0526/img/start.png
pragma: no-cache
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
last-modified: Fri, 26 May 2017 14:45:49 GMT
server: nginx
etag: "59283f9d-77"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 119
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

POST
H2 204 cdb Show response
bidder.criteo.com/ 0
190 B 114ms
33ms XHR
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/cdb?ptv=112&profileId=184&cb=10312679213
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

access-control-allow-origin: https://www.profinance.ru
date: Wed, 25 Aug 2021 09:51:52 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 bidder_18.html Show response
cache.betweendigital.com/code/ Frame E966 4 KB
1 KB 98ms
24ms Document
text/html 151.236.71.146
CDNETWORKS

General

Check archive.org

Show headers Download Go to

Full URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=3b0d1339-1487-52ed-a516-c5c6c430d77f&CACHEBUSTER=913600
Requested by: Host: ads.betweendigital.com
URL: https://ads.betweendigital.com/sspmatch-js?p=43185&randsalt=2192688937
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 151.236.71.146 Moscow, Russian Federation, ASN204720 (CDNETWORKS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad

Request headers

:method: GET
:authority: cache.betweendigital.com
:scheme: https
:path: /code/bidder_18.html?USER_ID=3b0d1339-1487-52ed-a516-c5c6c430d77f&CACHEBUSTER=913600
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.profinance.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: dc=lux1; tuuid=3b0d1339-1487-52ed-a516-c5c6c430d77f; ut=YSYSuQAGIlByUYQAvNQXev0CcXJz-jd3zwPTuA==; ss=1
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.profinance.ru/

Response headers

server: nginx
date: Wed, 25 Aug 2021 09:51:53 GMT
content-type: text/html
last-modified: Tue, 08 Jun 2021 15:45:03 GMT
etag: W/"60bf907f-ee9"
content-encoding: gzip

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://x.bidswitch.net/ul_cb/sync?ssp=between
https://sync.mathtag.com/sync/img?mt_exid=46&redir=%2F%2Fx.bidswitch.net%2Fsync%3Fdsp_id%3D80%26user_id%3D%5BUUID%5D%26expires%3D30%26ssp%3Dbetween%26bsw_param%3Dd9b7c77e-7462-4d3d-8d62-bc0b4b3a1e5...
https://x.bidswitch.net/sync?dsp_id=80&user_id=46f56126-12b9-4100-9165-63abe29452d2&expires=30&ssp=between&bsw_param=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56&gdpr=&gdpr_consent=
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56

68 B
607 B

31ms
30ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56
date: Wed, 25 Aug 2021 09:51:53 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://px.adhigh.net/p/cm/btw
https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LHChpkxidmj.AikABlF7fLkkeQ

68 B
607 B

34ms
34ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LHChpkxidmj.AikABlF7fLkkeQ
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:53 GMT
server: nginx
access-control-allow-origin: *
x-backend-id: f4-ru
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
location: https://ads.betweendigital.com/match?bidder_id=37&external_user_id=LHChpkxidmj.AikABlF7fLkkeQ
cache-control: no-cache, no-store
access-control-allow-credentials: true
content-length: 0
expires: Thu, 01 Jan 1970 00:00:00 GMT

GET
H2

200

match
ads.betweendigital.com/
Redirect Chain

https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID
https://ap.lijit.com/pixel?redir=https%3A%2F%2Fads.betweendigital.com%2Fmatch%3Fbidder_id%3D114%26external_user_id%3D%24UID&sovrn_retry=true
https://ads.betweendigital.com/match?bidder_id=114&external_user_id=fb1ae46a73916a2a063582cb

68 B
607 B

31ms
30ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=fb1ae46a73916a2a063582cb
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

Date: Wed, 25 Aug 2021 09:51:53 GMT
Server: nginx
Location: https://ads.betweendigital.com/match?bidder_id=114&external_user_id=fb1ae46a73916a2a063582cb
Access-Control-Allow-Methods: GET, POST, DELETE, PUT
Access-Control-Allow-Origin: *
Access-Control-Allow-Credentials: true
X-Sovrn-Pod: ad_ap6ams1
Access-Control-Allow-Headers: X-Requested-With, Content-Type
Content-Length: 0

GET
H/1.1 204
No Content /
sync.bumlam.com/ 0
103 B 130ms
30ms Image
text/plain 31.172.81.160
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://sync.bumlam.com/?src=bw1&uid=3b0d1339-1487-52ed-a516-c5c6c430d77f
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_128_CBC
Server: 31.172.81.160 , Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS
Software: nginx /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Connection: keep-alive
Date: Wed, 25 Aug 2021 09:51:53 GMT
Server: nginx

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
659 B 104ms
40ms Script
text/javascript 216.58.212.162
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=www.profinance.ru&callback=_gfp_s_&client=ca-pub-2822498309427835

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202108240101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-2822498309427835&plah=www.profinance.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

216.58.212.162 Mountain View, United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s01-in-f2.1e100.net

Software

cafe /

Resource Hash

fc517c8442df472cee4fd957cae5d442ca0d16dcb0b56b932e4f983d94c83f50

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
313 B 16ms
15ms Script
application/javascript 2a00:1450:4001:812::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=www.profinance.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
313 B 16ms
15ms Script
application/javascript 2a00:1450:4001:82a::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=www.profinance.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame DA37 603 B
68 B 35ms
33ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2822498309427835&output=html&adk=1812271804&adf=3025194257&lmt=1629885113&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113408&bpp=3&bdt=480&idt=103&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=122

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2822498309427835&output=html&adk=1812271804&adf=3025194257&lmt=1629885113&plat=8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113408&bpp=3&bdt=480&idt=103&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=122
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.profinance.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.profinance.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 09:51:53 GMT
server: cafe
content-length: 46
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 10:06:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 09:51:53 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 72 KB
27 KB 22ms
21ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718286636491"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 27620
x-xss-protection: 0
expires: Wed, 25 Aug 2021 09:51:53 GMT

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 372D 68 KB
25 KB 543ms
539ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2215967389951060&output=html&h=90&slotname=3234201456&adk=1115765410&adf=683863926&pi=t.ma~as.3234201456&w=728&lmt=1629885113&psa=0&format=728x90&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113411&bpp=2&bdt=484&idt=126&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sQbYO3KQnh&p=https%3A//www.profinance.ru&dtd=142

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5e6d26dad429fbdd73c506cd4992dab03f26433c13e33a2a019b901709191683

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2215967389951060&output=html&h=90&slotname=3234201456&adk=1115765410&adf=683863926&pi=t.ma~as.3234201456&w=728&lmt=1629885113&psa=0&format=728x90&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113411&bpp=2&bdt=484&idt=126&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sQbYO3KQnh&p=https%3A//www.profinance.ru&dtd=142
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.profinance.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.profinance.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 09:51:54 GMT
server: cafe
content-length: 25538
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Wed, 25-Aug-2021 10:06:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 09:51:54 GMT
cache-control: private

GET
H3-29 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 1F28 436 B
237 B 474ms
473ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2215967389951060&output=html&h=300&slotname=7382055056&adk=3865379618&adf=3175363789&pi=t.ma~as.7382055056&w=0&lmt=1629885113&rafmt=12&psa=0&format=0x300&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113413&bpp=1&bdt=486&idt=173&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6426478425865&frm=20&pv=1&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ConeEr%7C&abl=CS&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=odULx9QPHa&p=https%3A//www.profinance.ru&dtd=209

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1c6d71744ccbd79814680644dd2c66605e1f73b6880f57d9ff8d8a49572743d2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-2215967389951060&output=html&h=300&slotname=7382055056&adk=3865379618&adf=3175363789&pi=t.ma~as.7382055056&w=0&lmt=1629885113&rafmt=12&psa=0&format=0x300&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113413&bpp=1&bdt=486&idt=173&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C728x90&nras=1&correlator=6426478425865&frm=20&pv=1&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ConeEr%7C&abl=CS&fu=33024&bc=31&ifi=3&uci=a!3&fsb=1&xpc=odULx9QPHa&p=https%3A//www.profinance.ru&dtd=209
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.profinance.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.profinance.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Wed, 25 Aug 2021 09:51:54 GMT
server: cafe
content-length: 213
x-xss-protection: 0
set-cookie: IDE=AHWqTUldOeqGrCeBEhMuIwe09kFToYWGXuXTZ-TJ7xQx-IGDfs-7BcFD3_VhrcSSM_c; expires=Mon, 19-Sep-2022 09:51:53 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none test_cookie=; expires=Fri, 01-Aug-2008 22:45:55 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 09:51:54 GMT
cache-control: private

POST
H2 204 events
bidder.criteo.com/csm/ 0
190 B 35ms
34ms Ping
text/plain 178.250.0.165
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL: https://bidder.criteo.com/csm/events
Requested by: Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 178.250.0.165 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS: bidder.par.vip.prod.criteo.com
Software: Finatra /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

access-control-allow-origin: https://www.profinance.ru
date: Wed, 25 Aug 2021 09:51:53 GMT
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
server: Finatra
timing-allow-origin: *
vary: Origin

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 27ms
27ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=1
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 20 Aug 2022 09:51:53 GMT

GET
H2 200 pixel.gif
static.criteo.net/images/ 43 B
337 B 27ms
27ms Image
image/gif 2a02:2638::3
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.criteo.net/images/pixel.gif?ch=2
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a02:2638::3 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),
Reverse DNS
Software: nginx /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
last-modified: Tue, 09 Dec 2008 16:52:36 GMT
server: nginx
cross-origin-embedder-policy: require-corp
etag: "493ea254-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=31104000, public
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
content-length: 43
expires: Sat, 20 Aug 2022 09:51:53 GMT

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9376.YFlONaMLIunCg78FwZIEz2etCQWQ4RAweqJ1oDXTNot_Co-deNDIwEASk6E8AiBQ.afNvpXoyetVftPe56PMURpRz3WQ%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9376.vmt1HuoI4fVahUtbIH23Lcy1RxNw2Ru_ttcaKMv7jG2pl6ZPabP4yunH5HbxjwTc0t2GaH2F4mXM1PKWQN-qy6tfAVYs2ErNWpKNQifrWK8%2C.8QjZqpaNssQMrLbkqCkOifO9Sr0%2C

43 B
332 B

45ms
44ms

Image
image/gif

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9376.vmt1HuoI4fVahUtbIH23Lcy1RxNw2Ru_ttcaKMv7jG2pl6ZPabP4yunH5HbxjwTc0t2GaH2F4mXM1PKWQN-qy6tfAVYs2ErNWpKNQifrWK8%2C.8QjZqpaNssQMrLbkqCkOifO9Sr0%2C

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9376.vmt1HuoI4fVahUtbIH23Lcy1RxNw2Ru_ttcaKMv7jG2pl6ZPabP4yunH5HbxjwTc0t2GaH2F4mXM1PKWQN-qy6tfAVYs2ErNWpKNQifrWK8%2C.8QjZqpaNssQMrLbkqCkOifO9Sr0%2C
date: Wed, 25 Aug 2021 09:51:53 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 44ms
43ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
last-modified: Tue, 24 Aug 2021 11:44:41 GMT
etag: "6123bebf-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Wed, 25 Aug 2021 10:51:53 GMT

POST
H2 200 counter
top-fwz1.mail.ru/ 43 B
1012 B 58ms
58ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=74564;u=https%3A//www.profinance.ru/charts/2017-0526/728x90/%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D;st=1629885113343;title=USDUAH%20Chart;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=8fef30ac0efa4083;ver=60.3.0;tz=-120%2FEurope%2FBerlin;ni=9.5//4g/0/0/;lvid=1629885113719%3A1629885113730%3A1%3Af1941e30d4d2b1fd8ebd8704662241f2;visible=true;_=0.27477442315567924

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://www.profinance.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.profinance.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://www.profinance.ru
access-control-allow-headers: *

GET
H2 200 refresh Show response
charts.profinance.ru/html/charts/ 282 B
429 B 1166ms
1021ms XHR
application/json 81.177.34.153
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://charts.profinance.ru/html/charts/refresh?s=USDUAH

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/js/utils.js?126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.177.34.153 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

8ee9dc7bc1175ef5c10da9e0cda9bee586549a24451d180e7e8382ccc3b70f9c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 Aug 2021 09:51:54 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json

GET
H2 200 hist.gif
www.profinance.ru/charts/2017-0526/img/ 851 B
1 KB 63ms
63ms Image
image/gif 81.177.34.158
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.profinance.ru/charts/2017-0526/img/hist.gif
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.177.34.158 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c533fb3dededf8a9d171ea6a3fbd6ec95538e3f4b2f79576f2ab87c594374f2d

Request headers

:path: /charts/2017-0526/img/hist.gif
pragma: no-cache
cookie: _ym_uid=1629885114737526589; _ym_d=1629885114; tmr_lvid=f1941e30d4d2b1fd8ebd8704662241f2; tmr_lvidTS=1629885113719; tmr_reqNum=1
accept-encoding: gzip, deflate, br
accept-language: en-US
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
sec-fetch-mode: no-cors
accept: image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
cache-control: no-cache
sec-fetch-dest: image
:authority: www.profinance.ru
referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
:scheme: https
sec-fetch-site: same-origin
:method: GET
Referer: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:53 GMT
last-modified: Tue, 10 Jul 2018 10:06:54 GMT
server: nginx
etag: "5b44853e-353"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 851
x-conf: www-to-news1
x-location: static
expires: Fri, 24 Sep 2021 09:51:53 GMT

GET
H2

200

match
ads.betweendigital.com/ Frame E966
Redirect Chain

https://x.bidswitch.net/sync?ssp=between
https://event.clientgear.com/cookie/bidswitch?partner=bidswitch&bidswitch_ssp_id=between&bsw_custom_parameter=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56
https://x.bidswitch.net/sync?dsp_id=257&user_id=mk824cfb8c-ca82-4809-858d-4daee8aa033c&expires=7&user_group=5&ssp=between&bsw_param=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56
https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56

68 B
607 B

49ms
31ms

Image
image/png

188.42.191.196
SERVERS-COM

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ads.betweendigital.com/match?bidder_id=22&external_user_id=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56
Requested by: Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 188.42.191.196 , Luxembourg, ASN7979 (SERVERS-COM, US),
Reverse DNS
Software: /
Resource Hash: 2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 68
content-type: image/png

Redirect headers

location: //ads.betweendigital.com/match?bidder_id=22&external_user_id=d9b7c77e-7462-4d3d-8d62-bc0b4b3a1e56
date: Wed, 25 Aug 2021 09:51:54 GMT
cache-control: no-cache, no-store, must-revalidate
content-length: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/65372980/
Redirect Chain

https://mc.yandex.com/watch/65372980?wmode=7&page-url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&charset=utf-8&browser-in...
https://mc.yandex.com/watch/65372980/1?wmode=7&page-url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&charset=utf-8&browser-...

331 B
704 B

52ms
52ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/65372980/1?wmode=7&page-url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A578098479986%3Ahid%3A631986389%3Az%3A120%3Ai%3A20210825115153%3Aet%3A1629885114%3Ac%3A1%3Arn%3A272608199%3Au%3A1629885114737526589%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629885112657%3Ads%3A1%2C139%2C123%2C1%2C1%2C0%2C%2C416%2C4%2C%2C%2C%2C686%3Adsn%3A2%2C139%2C123%2C1%2C0%2C0%2C%2C418%2C4%2C%2C%2C%2C686%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629885114%3At%3AUSDUAH%20Chart

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/728x90/?s=USDUAH&p=VVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA=

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

85f7fbe9807e623b299ed5889618e0348649d464acc44f1fa3a432ab002ffc73

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:53 GMT
x-content-type-options: nosniff
last-modified: Wed, 25-Aug-2021 09:51:53 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://www.profinance.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 331
x-xss-protection: 1; mode=block
expires: Wed, 25-Aug-2021 09:51:53 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:53 GMT
last-modified: Wed, 25-Aug-2021 09:51:53 GMT
location: /watch/65372980/1?wmode=7&page-url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A25rt5xty9edhsiwwad%3Afp%3A738%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A624%3Acn%3A1%3Adp%3A0%3Als%3A578098479986%3Ahid%3A631986389%3Az%3A120%3Ai%3A20210825115153%3Aet%3A1629885114%3Ac%3A1%3Arn%3A272608199%3Au%3A1629885114737526589%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1629885112657%3Ads%3A1%2C139%2C123%2C1%2C1%2C0%2C%2C416%2C4%2C%2C%2C%2C686%3Adsn%3A2%2C139%2C123%2C1%2C0%2C0%2C%2C418%2C4%2C%2C%2C%2C686%3Awv%3A2%3Aadb%3A2%3Arqnl%3A1%3Ati%3A2%3Ast%3A1629885114%3At%3AUSDUAH%20Chart
strict-transport-security: max-age=31536000
access-control-allow-origin: https://www.profinance.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Wed, 25-Aug-2021 09:51:53 GMT

GET
H2 200 8326923707798302168
tpc.googlesyndication.com/daca_images/simgad/ Frame 372D 23 KB
23 KB 8ms
6ms Image
image/png 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/daca_images/simgad/8326923707798302168

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2215967389951060&output=html&h=90&slotname=3234201456&adk=1115765410&adf=683863926&pi=t.ma~as.3234201456&w=728&lmt=1629885113&psa=0&format=728x90&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113411&bpp=2&bdt=484&idt=126&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sQbYO3KQnh&p=https%3A//www.profinance.ru&dtd=142

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

96bde0400dfa04bca482bf2bd83c83d505558b87b2d487fc7962658caff6a4c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Tue, 24 Aug 2021 13:23:26 GMT
x-content-type-options: nosniff
age: 73708
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 23365
x-xss-protection: 0
last-modified: Tue, 13 Jul 2021 12:31:58 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 24 Aug 2022 13:23:26 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/ Frame 372D 18 KB
8 KB 7ms
5ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:37:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 841
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7637
x-xss-protection: 0
server: cafe
etag: 2853818853078434854
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 09:37:53 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 372D 2 KB
1 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:48:48 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 186
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1339
x-xss-protection: 0
server: cafe
etag: 2275704724217174249
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 09:48:48 GMT

GET
H3-29 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 372D 124 KB
37 KB 52ms
37ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:54 GMT
content-encoding: gzip
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
server: sffe
etag: "1629718280506303"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
x-content-type-options: nosniff
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 38186
x-xss-protection: 0
expires: Wed, 25 Aug 2021 09:51:54 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 372D 14 KB
6 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:50:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 74
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6205
x-xss-protection: 0
server: cafe
etag: 3431872159862141604
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 09:50:40 GMT

GET
H2 200 one_click_handler_one_afma_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/ Frame 372D 26 KB
11 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210819/r20110914/client/one_click_handler_one_afma_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 08:24:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 5252
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10771
x-xss-protection: 0
server: cafe
etag: 12253238251956766473
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Wed, 08 Sep 2021 08:24:22 GMT

GET
H3-29 200 adview
googleads.g.doubleclick.net/pagead/ Frame 372D 0
0 31ms
30ms Fetch
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C7Ft6uRImYc-vI_DP7_UPxM6DwAqtwqTGZOnircO4DgoQASDmnIxpYJUCoAGD3pjtAsgBAqkCB-s3krSzsz6oAwHIA8kEqgTbAU_QZus8ILY5D1VSIya17Xl36ywx2-BJHNfCLJ73_hHR8iYB3JBqThaTbmREBcTpGaTM17PrgVBEjQfFuzbBNaVRqWrjV71066y3EpxFEsE98fzNVVu4GDL94CWewuc7Wp9pyYicG6jO4CsEYMZkAQpyU5IHQWrRlDcNmhTeVHbQpmqu5v2NL0T68JV5Fa5gvOVJ8hcNZ7BWq1hsDIQVc0i7gLOuxz3DevjPFVZRvxcjhiPLNh_nCyg_8Wr_TfurehFHbyAeMueOuE2ub7JA8n7JslUgevf6JqusfMAE78ax0LoDkgUECAQYAZIFBAgFGASgBgKAB5LF3naoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwQQw6BE0ggJCIDhgBAQARgfgAoByAsB2BMN0BUBgBcBshccChoIABIUcHViLTIyMTU5NjczODk5NTEwNjAYAA&sigh=yhlGO91fK7Y

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2215967389951060&output=html&h=90&slotname=3234201456&adk=1115765410&adf=683863926&pi=t.ma~as.3234201456&w=728&lmt=1629885113&psa=0&format=728x90&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113411&bpp=2&bdt=484&idt=126&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sQbYO3KQnh&p=https%3A//www.profinance.ru&dtd=142
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Wed, 25 Aug 2021 09:51:54 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-29 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 15DA 143 B
163 B 6ms
6ms Document
text/html 2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2215967389951060&output=html&h=90&slotname=3234201456&adk=1115765410&adf=683863926&pi=t.ma~as.3234201456&w=728&lmt=1629885113&psa=0&format=728x90&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113411&bpp=2&bdt=484&idt=126&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sQbYO3KQnh&p=https%3A//www.profinance.ru&dtd=142
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUldOeqGrCeBEhMuIwe09kFToYWGXuXTZ-TJ7xQx-IGDfs-7BcFD3_VhrcSSM_c; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-2215967389951060&output=html&h=90&slotname=3234201456&adk=1115765410&adf=683863926&pi=t.ma~as.3234201456&w=728&lmt=1629885113&psa=0&format=728x90&url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&flash=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ..&dt=1629885113411&bpp=2&bdt=484&idt=126&shv=r20210816&mjsv=m202108240101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=6426478425865&frm=20&pv=2&ga_vid=579956200.1629885114&ga_sid=1629885114&ga_hid=915301486&ga_fc=0&u_tz=120&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=436&ady=0&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44747620%2C31062313%2C44748553%2C44749369%2C31062297&oid=3&pvsid=4345597312403453&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CoeE%7C&abl=CS&pfx=0&fu=0&bc=31&ifi=2&uci=a!2&fsb=1&xpc=sQbYO3KQnh&p=https%3A//www.profinance.ru&dtd=142

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Wed, 25 Aug 2021 09:16:32 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2122
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-29

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 15DA
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
16 B

15ms
14ms

Document
text/html

2a00:1450:4001:811::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:811::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUldOeqGrCeBEhMuIwe09kFToYWGXuXTZ-TJ7xQx-IGDfs-7BcFD3_VhrcSSM_c; test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 09:51:54 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Wed, 25-Aug-2021 10:51:54 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Wed, 25 Aug 2021 09:51:54 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Wed, 25 Aug 2021 09:51:54 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
DATA 200
OK truncated
/ Frame 372D 215 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 7224ff2ce669ee34bfd7ef4c2e8873e93cb9c6ac8552ca78bc9f54c47e83007c

Request headers

Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Content-Type: image/png

GET
H2

404

6ce9fa11362929d8
an.yandex.ru/setud/adsniper/ Frame E966
Redirect Chain

https://sync.bumlam.com/?src=aid0
https://sync3.adsniper.ru/?src=ss1&s_data=CAEQABi6pZiJBlIFl4XSlAY*
https://sync3.adsniper.ru/?src=ss1&s_data=CAIQARi6pZiJBlIFl4XSlAaiARAUNekiBYoR7IbgACWQwGR8
https://sync.bumlam.com/?src=aid0&s_data=CAIQABi6pZiJBqIBEBQ16SIFihHshuAAJZDAZHw*
https://sync.bumlam.com/?src=aid0&s_data=CAIQARi6pZiJBqIBEBQ16SIFihHshuAAJZDAZHw*
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=1435e922-058a-11ec-86e0-002590c0647c
https://x01.aidata.io/0.gif?pid=ADSNIPER&id=1435e922-058a-11ec-86e0-002590c0647c&bounce=1
https://sync.bumlam.com/?src=aid1&uid=sXIsAfdDoU1Bw3OnitHI1g&
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm&extra1=sXIsAfdDoU1Bw3OnitHI1g&extra2=aidata
https://cm.g.doubleclick.net/pixel?google_nid=adsniperru&google_cm=&extra1=sXIsAfdDoU1Bw3OnitHI1g&extra2=aidata&google_tc=
https://sync3.sniperlog.ru/?src=ggl&extra1=sXIsAfdDoU1Bw3OnitHI1g&extra2=aidata&google_gid=CAESEJOIfcarf9fvkpB_Atv2MU8&google_cver=1
https://sync.bumlam.com/?src=ggl&extra1=sXIsAfdDoU1Bw3OnitHI1g&extra2=aidata&google_gid=CAESEJOIfcarf9fvkpB_Atv2MU8&google_cver=1
https://an.yandex.ru/setud/adsniper/6ce9fa11362929d8?sign=2766869605
https://an.yandex.ru/setud/adsniper/6ce9fa11362929d8?redir-setuniq=1&sign=2766869605

43 B
104 B

87ms
87ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/setud/adsniper/6ce9fa11362929d8?redir-setuniq=1&sign=2766869605

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:55 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 09:51:55 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=windows-1251
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 Aug 2021 09:51:55 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:55 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 09:51:55 GMT
strict-transport-security: max-age=31536000
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
location: https://an.yandex.ru/setud/adsniper/6ce9fa11362929d8?redir-setuniq=1&sign=2766869605
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 Aug 2021 09:51:55 GMT

GET
H2 200 syncframe Show response
gum.criteo.com/ Frame 1586 11 KB
5 KB 36ms
12ms Document
text/html 2a02:2638:1::13
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://gum.criteo.com/syncframe?origin=publishertag&topUrl=www.profinance.ru

Requested by

Host: static.criteo.net
URL: https://static.criteo.net/js/ld/publishertag.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a02:2638:1::13 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

:method: GET
:authority: gum.criteo.com
:scheme: https
:path: /syncframe?origin=publishertag&topUrl=www.profinance.ru
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.profinance.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.profinance.ru/

Response headers

cache-control: private, max-age=3600
content-type: text/html; charset=utf-8
content-encoding: gzip
vary: Accept-Encoding
strict-transport-security: max-age=31536000
cross-origin-resource-policy: cross-origin
cross-origin-embedder-policy: require-corp
server-processing-duration-in-ticks: 1479
set-cookie: uid=36a412cc-3fcc-4822-aaee-486f1589c983; expires=Mon, 19 Sep 2022 09:51:53 GMT; domain=.criteo.com; path=/; secure; samesite=none
date: Wed, 25 Aug 2021 09:51:53 GMT
content-length: 4664

GET
H3-29 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 11 KB
8 KB 42ms
27ms XHR
application/json 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210816&st=env

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ffeef07664ca52dd6ff9ba40f145b1831a19e23e91369ee90d0d5ec504e92ea4

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

timing-allow-origin: *
date: Wed, 25 Aug 2021 09:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8576
x-xss-protection: 0

POST
H2 200 tracker
top-fwz1.mail.ru/ 43 B
929 B 59ms
59ms Ping
image/gif 217.69.133.145
MAILRU-AS Mail.Ru

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=74564;u=https%3A//www.profinance.ru/charts/2017-0526/728x90/%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D;st=1629885113343;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=8fef30ac0efa4083;ver=60.3.0;tz=-120%2FEurope%2FBerlin;nt=0/0/1629885112657/////1/3/4/4/143/21/143/266/267/270/686/686/690/1642/1642/;ni=9.5//4g/0/0/;lvid=1629885113719%3A1629885114304%3A2%3Af1941e30d4d2b1fd8ebd8704662241f2;visible=true;_=0.003925454742111034;e=RT/load;et=1629885114302

Requested by

Host: top-fwz1.mail.ru
URL: https://top-fwz1.mail.ru/js/code.js

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

217.69.133.145 , Russian Federation, ASN47764 (MAILRU-AS Mail.Ru, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain;charset=UTF-8

Response headers

date: Wed, 25 Aug 2021 09:51:54 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: https://www.profinance.ru
server: nginx
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: https://www.profinance.ru
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
accept-ch-lifetime: 86400
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
timing-allow-origin: https://www.profinance.ru
access-control-allow-headers: *

GET
H3-29 200 D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js Show response
pagead2.googlesyndication.com/bg/ Frame 5089 35 KB
13 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/D3lOyaz33AOyGTIEqdOSEmJb5cnEgELXkEp-WZBOrR0.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 07:56:57 GMT
content-encoding: br
x-content-type-options: nosniff
age: 6897
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13489
x-xss-protection: 0
last-modified: Mon, 16 Aug 2021 15:08:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 07:56:57 GMT

GET
H3-29 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 50ms
26ms Script
text/javascript 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:54 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1624308425655142"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6467
x-xss-protection: 0
expires: Wed, 25 Aug 2021 09:51:54 GMT

GET
H2

200

sid Show response
mug.criteo.com/ Frame 1586
Redirect Chain

https://gum.criteo.com/sid/json?origin=publishertag&domain=profinance.ru&sn=ChromeSyncframe&so=0&topUrl=www.profinance.ru&cw=1
https://mug.criteo.com/sid?cpp=Eei20HxSMHN3RXVLbHBjazk4R2lRdURoMnFSRnZ2VGNCWWVUZGp4SkRXbnUwNHhyRldZaEZjdHBBbFdRdmlYNzhHK1dUZVFGVU5uekQyZ2tudi91TkJnZGYzUVVlRVpndmRnUThSem5hUEtnQm5ZVUE4NkdoaGtjWTVHQ1...

329 B
593 B

113ms
35ms

Fetch
application/json

178.250.0.157
ASN-CRITEO-EUROPE

General

Check archive.org

Show headers Download Go to

Full URL

https://mug.criteo.com/sid?cpp=Eei20HxSMHN3RXVLbHBjazk4R2lRdURoMnFSRnZ2VGNCWWVUZGp4SkRXbnUwNHhyRldZaEZjdHBBbFdRdmlYNzhHK1dUZVFGVU5uekQyZ2tudi91TkJnZGYzUVVlRVpndmRnUThSem5hUEtnQm5ZVUE4NkdoaGtjWTVHQ1BXejFyVVdmQk9IbjlUWjJEQ0FaVkYvUEVNYVFPUWorYUJ5aXpXb1BKMFp2QlBvUTltWUhCbUloZWxJOHpJeUhlaGtHVTZnYTVBM2VYNWJvc1BtTytKUm5kblVtb08wVXdJdzRHMFREdlk3NW9HRG4zNDZrPXw&cppv=2

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

178.250.0.157 , France, ASN44788 (ASN-CRITEO-EUROPE, FR),

Reverse DNS

Software

Resource Hash

9d22e7ff6833182296976098b8006e4b23a950fce121adaf224f5e9fce965346

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: https://gum.criteo.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
strict-transport-security: max-age=31536000
content-encoding: gzip
date: Wed, 25 Aug 2021 09:51:54 GMT
vary: Accept-Encoding
access-control-allow-methods: GET
content-type: application/json; charset=utf-8
access-control-allow-origin: https://gum.criteo.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
server-processing-duration-in-ticks: 2581
expires: 0

Redirect headers

pragma: no-cache
strict-transport-security: max-age=31536000
date: Wed, 25 Aug 2021 09:51:54 GMT
content-type: text/html; charset=utf-8
location: https://mug.criteo.com/sid?cpp=Eei20HxSMHN3RXVLbHBjazk4R2lRdURoMnFSRnZ2VGNCWWVUZGp4SkRXbnUwNHhyRldZaEZjdHBBbFdRdmlYNzhHK1dUZVFGVU5uekQyZ2tudi91TkJnZGYzUVVlRVpndmRnUThSem5hUEtnQm5ZVUE4NkdoaGtjWTVHQ1BXejFyVVdmQk9IbjlUWjJEQ0FaVkYvUEVNYVFPUWorYUJ5aXpXb1BKMFp2QlBvUTltWUhCbUloZWxJOHpJeUhlaGtHVTZnYTVBM2VYNWJvc1BtTytKUm5kblVtb08wVXdJdzRHMFREdlk3NW9HRG4zNDZrPXw&cppv=2
cache-control: no-cache, no-store, must-revalidate
server-processing-duration-in-ticks: 1753
content-length: 482
expires: 0

GET
H3-29 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 2F31 12 KB
5 KB 13ms
11ms Document
text/html 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/224/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.profinance.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.profinance.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 5029
date: Wed, 25 Aug 2021 09:41:24 GMT
expires: Thu, 25 Aug 2022 09:41:24 GMT
last-modified: Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 630
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 aframe Show response
www.google.com/recaptcha/api2/ Frame 4871 783 B
785 B 25ms
23ms Document
text/html 2a00:1450:4001:828::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/recaptcha/api2/aframe

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

GSE /

Resource Hash

a5503dd4dbf3adcbafca42d6c61e31e47d5730f250136b1d3da1a6f5db20043c

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-kR5Qj5u1wGSOKYwLXnw3Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

:method: GET
:authority: www.google.com
:scheme: https
:path: /recaptcha/api2/aframe
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://www.profinance.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://www.profinance.ru/

Response headers

expires: Wed, 25 Aug 2021 09:51:54 GMT
date: Wed, 25 Aug 2021 09:51:54 GMT
cache-control: private, max-age=300
content-type: text/html; charset=utf-8
content-security-policy: script-src 'report-sample' 'nonce-kR5Qj5u1wGSOKYwLXnw3Zg' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding: gzip
x-content-type-options: nosniff
x-xss-protection: 1; mode=block
content-length: 515
server: GSE
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F31 35 KB
13 KB 10ms
8ms Script
text/javascript 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/1uDPM70x-solQtk3bMKouXIpBOJMxNO_wSEEjkbCROo.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 07:52:59 GMT
content-encoding: br
x-content-type-options: nosniff
age: 7135
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13303
x-xss-protection: 0
last-modified: Mon, 09 Aug 2021 14:48:00 GMT
server: sffe
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Thu, 25 Aug 2022 07:52:59 GMT

GET
H3-29 204 sodar
pagead2.googlesyndication.com/pagead/ 0
0 32ms
32ms Image
text/html 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&t=2&li=gda_r20210816&jk=4345597312403453&bg=!HxylHFjNAAZvV8FTb1c7ACkAdvg8Wterz016VUL1PE-3jkZ2vrwkbBCqN43_YQRRkitS9XoVTB70ZgIAAABQUgAAAAloAQcKAEuZj25KFkCAhGm3wnpUKAxf2lFVqJMuGzGYqZk3ha9cFboUmabH8B7d7XGgTNmljd-_-nRe5Y-MosXaQ4ZkoD6Cwn9jSrJf58_ZdNKZAmv0DNxeemndEBY5MDBf0i5YPZKveGdJfDIUtsR8N_w2YCXA82mvIVbljAAycRz6T4fXu1pmOOmC15SRgO18q7iiSDmJ99gyHisrp-nnhk4tLhy1UfcttiFdpRJghjJorqJ9vE7aweWmHVNLDy9Y_cQDNfjxAsh--Wq7AOG_XWPs-bh4NIWvkBzfTJGifp1rmfsQwhxiZPn2C3Bb8jzRG9Wr6F98JiRFtfAYP4wS069M1rPDH6HlxRtY3lHKwH4pQMgdo96xoVbKKVdaPOQFFj8RXcfsws7Zp5kGbw9x9R869RvGG6nj1DRaFm5nySDP6o-feSQhXNPQ1CLX5fAmxhxaHm4HQT4HYyf9eugVxclvZOMxSnIMnDjpG_Pdv_n7H00xVAFFarXsxwV9SM1I5JaTdFoHfH5_7FkBiQaekVSa-N0aUaGnDQwyHOaZ1VDLbXjd7K5qYTEOn95X5EoQd-AI-fyK1HVllqW8CeKuveZfZ6EIWbV84kORhwofqsPw_UfkdrAMm0PCEazimTegRy8CpT-QfByz_QfaeVBxRLcVwG34aeOfH__mFrSqoW6HDnJQoUfs-X0FVS_gsml_aXGvvvVxYdnVKGOHlD13Tdlb2qGyKcdiZDcdUIwcttcD90iFzmDQLt6MHhqKRzYOujHtVTkT-1qntlkPNLXzcKgnvnwBKYzMnP9upJSnfr3jZc_8ru313ouu2hfuxaOE7W1zlt-sWFoS_f86GysBqQdCA1gljT7vMmcBJxmQb2TxkSbxRdoa9GhrCnGOC7qIjqZPubyvlNSxbYVMIuLc8NK_3iKcxhQNh2flEcHI
Protocol: H3-29
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

GET
H2 200 image
charts.profinance.ru/html/charts/ 27 KB
27 KB 189ms
63ms Image
image/png 81.177.34.153
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charts.profinance.ru/html/charts/image?SID=5XC8R065&s=USDUAH&h=693&w=1192&pt=2&tt=1&z=6&ba=2&nw=728&T=1629885114921&imd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.177.34.153 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

1b03e55122228619ec1a4af837ea773186cca11d70feea350bf4055de6b42c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:55 GMT
server: nginx
content-length: 27564
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png

GET
H2 200 sse
charts.profinance.ru/html/charts/ 2 KB
0 186ms
61ms EventSource
text/event-stream 81.177.34.153
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://charts.profinance.ru/html/charts/sse?sid=5XC8R065

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.177.34.153 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Accept: text/event-stream
Cache-Control: no-cache
Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: text/event-stream
access-control-allow-origin: https://www.profinance.ru
access-control-expose-headers: *
cache-control: no-transform
access-control-allow-credentials: true

GET
H2 200 subscribe Show response
charts.profinance.ru/html/charts/ 28 B
174 B 64ms
64ms XHR
application/json 81.177.34.153
RTCOMM-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://charts.profinance.ru/html/charts/subscribe?SID=XxI18JPu&s=USDUAH

Requested by

Host: www.profinance.ru
URL: https://www.profinance.ru/charts/2017-0526/js/utils.js?126

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.177.34.153 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

1212155840e74b7e8667a9b861e43a1c94a34479d4fbdcff654d250cc158c0da

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 Aug 2021 09:51:55 GMT
server: nginx
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: application/json

GET image
charts.profinance.ru/html/charts/ 0
0

GET
H2 200 image
charts.profinance.ru/html/charts/ 27 KB
27 KB 88ms
88ms Image
image/png 81.177.34.153
RTCOMM-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://charts.profinance.ru/html/charts/image?SID=XxI18JPu&s=USDUAH&h=693&w=1192&pt=2&tt=1&z=6&ba=2&nw=728&T=1629885115121&imd=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

81.177.34.153 Moscow, Russian Federation, ASN8342 (RTCOMM-AS, RU),

Reverse DNS

Software

nginx /

Resource Hash

1b03e55122228619ec1a4af837ea773186cca11d70feea350bf4055de6b42c77

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

date: Wed, 25 Aug 2021 09:51:55 GMT
server: nginx
content-length: 27564
strict-transport-security: max-age=31536000; includeSubDomains; preload
content-type: image/png

GET
H3-29 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 372D 42 B
64 B 17ms
17ms Fetch
image/gif 2a00:1450:4001:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjstIMFLMNIqIcvBmfTYaUISYdjEYoK1XSlEo2PRUea9zE3MMzQZQg5qi_Xy-42_1P5vg2P6VfP9FMgLOHzWfBd7xY71A6LwqAeH6bQxsqQ8UmnVLlra9G1H8aE_G8A&sai=AMfl-YTwM9MtkePOaQ4BIFDagJXLK921b1hL5qK708wS9ENmnBT4FrfkQyWDycar8iKbbM0MBoEMWU1mfZQx&sig=Cg0ArKJSzO8YSGOnTHJqEAE&id=lidar2&mcvt=1000&p=0,436,90,1164&mtos=1000,1000,1000,1000,1000&tos=1000,0,0,0,0&v=20210823&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=4&adk=1115765410&rs=2&met=mue&la=0&cr=0&osd=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCxudWxsXQ%3D%3D&vs=4&eosm=0&rst=1629885113556&dlt=552&rpt=684&msd=0&r=v&speed=1

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-29

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:800::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:55 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

usync.html Show response
eus.rubiconproject.com/ Frame 1A78
Redirect Chain

https://secure-assets.rubiconproject.com/utils/xapi/multi-sync.html?p=btwnex&endpoint=eu
https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu

281 B
554 B

78ms
25ms

Document
text/html

104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Requested by: Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=3b0d1339-1487-52ed-a516-c5c6c430d77f&CACHEBUSTER=913600
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) /
Resource Hash: 3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390

Request headers

Host: eus.rubiconproject.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: https://cache.betweendigital.com/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: about:blank

Response headers

Server: Apache/2.2.15 (CentOS)
Last-Modified: Tue, 23 Feb 2021 20:47:52 GMT
ETag: "402b0-119-5bc0708346e00"
Accept-Ranges: bytes
Content-Encoding: gzip
Content-Length: 233
Content-Type: text/html; charset=UTF-8
Date: Wed, 25 Aug 2021 09:51:55 GMT
Connection: keep-alive
Vary: Accept-Encoding

Redirect headers

Server: AkamaiGHost
Content-Length: 0
Location: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Date: Wed, 25 Aug 2021 09:51:55 GMT
Connection: keep-alive
Access-Control-Allow-Credentials: true
Access-Control-Allow-Origin: *

GET
H/1.1 200
OK usync.js Show response
eus.rubiconproject.com/ Frame 1A78 31 KB
10 KB 27ms
27ms Script
text/html 104.109.78.125
AKAMAI-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://eus.rubiconproject.com/usync.js
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.3, , AES_256_GCM
Server: 104.109.78.125 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a104-109-78-125.deploy.static.akamaitechnologies.com
Software: Apache/2.2.15 (CentOS) / PHP/5.3.3
Resource Hash: 479a5f49a38ecf45835d2335943086e798b00c614477dd29e31d8e3145343a9c

Request headers

Referer: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Date: Wed, 25 Aug 2021 09:51:55 GMT
Content-Encoding: gzip
Last-Modified: Tue, 24 Aug 2021 22:28:41 GMT
Server: Apache/2.2.15 (CentOS)
X-Powered-By: PHP/5.3.3
Vary: Accept-Encoding
p3p: CP="NOI CURa ADMa DEVa TAIa OUR # BUS IND UNI COM NAV INT"
Cache-Control: max-age=55397
Connection: keep-alive
Content-Type: text/html; charset=UTF-8
Content-Length: 9355
Expires: Thu, 26 Aug 2021 01:15:12 GMT

GET
H/1.1 200
OK khaos.jpg
token.rubiconproject.com/ Frame 1A78 284 B
536 B 108ms
28ms Image
image/jpg 69.173.144.139
RUBICONPROJECT

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://token.rubiconproject.com/khaos.jpg?
Requested by: Host: eus.rubiconproject.com
URL: https://eus.rubiconproject.com/usync.html?p=btwnex&endpoint=eu
Protocol: HTTP/1.1
Security: TLS 1.2, RSA, AES_256_GCM
Server: 69.173.144.139 Frankfurt am Main, Germany, ASN26667 (RUBICONPROJECT, US),
Reverse DNS
Software: /
Resource Hash: 492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032

Request headers

Referer: https://eus.rubiconproject.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

Pragma: no-cache
Expires: 0
Cache-Control: no-cache,no-store,must-revalidate
P3P: CP="NOI CURa ADMa DEVa TAIa OUR BUS IND UNI COM NAV INT"
content-length: 284
X-RPHost: 66ef90d06496cfd000aab8206f2b6221
Content-Type: image/jpg

GET
H2

200

913600
www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/ Frame E966
Redirect Chain

https://www.tns-counter.ru/V13a****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/913600
https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/913600

43 B
296 B

46ms
45ms

Image
image/gif

2001:6d0:4001::226
TNSMSK-

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/913600
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2001:6d0:4001::226 , Russian Federation, ASN52016 (TNSMSK-, RU),
Reverse DNS
Software: ms-counter-3.2.9/1.20.1 /
Resource Hash: cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:55 GMT
last-modified: Mon, 28 Sep 1970 06:00:00 GMT
server: ms-counter-3.2.9/1.20.1
content-type: image/gif
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 43
expires: Thu, 01 Jan 1970 00:00:01 GMT

Redirect headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:55 GMT
server: ms-counter-3.2.9/1.20.1
strict-transport-security: max-age=2678400
content-type: image/gif
location: https://www.tns-counter.ru/V13b****betweenx_ru/ru/CP1251/tmsec=betweenx_bx-ban-1/913600
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0, no-cache=Set-Cookie, max-age=0, proxy-revalidate
timing-allow-origin: *
content-length: 0
expires: Thu, 01 Jan 1970 00:00:01 GMT

GET
H2

200

match
ad.360yield.com/ul_cb/ Frame E966
Redirect Chain

https://x.bidswitch.net/sync?dsp_id=429&user_id=3b0d1339-1487-52ed-a516-c5c6c430d77f&expires=60
https://x.bidswitch.net/ul_cb/sync?dsp_id=429&user_id=3b0d1339-1487-52ed-a516-c5c6c430d77f&expires=60
https://ad.360yield.com/match?publisher_dsp_id=191&external_user_id=8c0aca81-5277-4c0e-be54-f3bc3be047a3
https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=8c0aca81-5277-4c0e-be54-f3bc3be047a3

43 B
444 B

30ms
30ms

Image
image/gif

52.58.206.142
AMAZON-02

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=8c0aca81-5277-4c0e-be54-f3bc3be047a3
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 52.58.206.142 Frankfurt am Main, Germany, ASN16509 (AMAZON-02, US),
Reverse DNS: ec2-52-58-206-142.eu-central-1.compute.amazonaws.com
Software: /
Resource Hash: 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

access-control-allow-origin: *
date: Wed, 25 Aug 2021 09:51:55 GMT
content-type: image/gif
content-length: 43
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

Redirect headers

location: https://ad.360yield.com/ul_cb/match?publisher_dsp_id=191&external_user_id=8c0aca81-5277-4c0e-be54-f3bc3be047a3
date: Wed, 25 Aug 2021 09:51:55 GMT
content-type: text/plain
content-length: 0
p3p: CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"

GET
H2 200 / Show response
onetag-sys.com/usync/ Frame 8551 2 KB
823 B 84ms
27ms Document
text/html 51.89.9.254
OVH

General

Check archive.org

Show headers Download Go to

Full URL

https://onetag-sys.com/usync/?pubId=5d1628750185ace

Requested by

Host: cache.betweendigital.com
URL: https://cache.betweendigital.com/code/bidder_18.html?USER_ID=3b0d1339-1487-52ed-a516-c5c6c430d77f&CACHEBUSTER=913600

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

51.89.9.254 London, United Kingdom, ASN16276 (OVH, FR),

Reverse DNS

ip254.ip-51-89-9.eu

Software

Resource Hash

37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

:method: GET
:authority: onetag-sys.com
:scheme: https
:path: /usync/?pubId=5d1628750185ace
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://cache.betweendigital.com/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Referer: https://cache.betweendigital.com/

Response headers

content-type: text/html
cache-control: no-transform, no-cache
content-encoding: gzip
content-length: 731
strict-transport-security: max-age=15552000

GET
H2

200

3b0d1339-1487-52ed-a516-c5c6c430d77f
an.yandex.ru/mapuid/betweendigitalis/ Frame E966
Redirect Chain

https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F3b0d1339-1487-52ed-a516-c5c6c430d77f
https://ads.betweendigital.com/match?bidder_id=43554&callback_url=https%3A%2F%2Fan.yandex.ru%2Fmapuid%2Fbetweendigitalis%2F3b0d1339-1487-52ed-a516-c5c6c430d77f&crf=1
https://an.yandex.ru/mapuid/betweendigitalis/3b0d1339-1487-52ed-a516-c5c6c430d77f

43 B
171 B

73ms
73ms

Image
image/gif

2a02:6b8::90
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://an.yandex.ru/mapuid/betweendigitalis/3b0d1339-1487-52ed-a516-c5c6c430d77f

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

2a02:6b8::90 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:56 GMT
content-encoding: gzip
last-modified: Wed, 25 Aug 2021 09:51:56 GMT
p3p: CP="NOI DEVa TAIa OUR BUS UNI STA"
strict-transport-security: max-age=31536000
content-type: image/gif; charset=utf-8
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
timing-allow-origin: *
x-xss-protection: 1; mode=block
expires: Wed, 25 Aug 2021 09:51:56 GMT

Redirect headers

location: https://an.yandex.ru/mapuid/betweendigitalis/3b0d1339-1487-52ed-a516-c5c6c430d77f
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-length: 0

GET
H2 200 sync
t.adx.opera.com/ Frame E966 0
393 B 74ms
25ms Image
text/plain 82.145.213.8
NO-OPERA

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://t.adx.opera.com/sync?vendor=60079&uid=3b0d1339-1487-52ed-a516-c5c6c430d77f
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 82.145.213.8 , Norway, ASN39832 (NO-OPERA, NO),
Reverse DNS: n-sysadmin-jumpbox-03.feednews.opera.technology
Software: Tengine /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Referer: https://cache.betweendigital.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:56 GMT
server: Tengine
access-control-allow-methods: POST, GET
access-control-allow-origin: *
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-headers: Content-Type, Content-Length, Accept-Encoding, X-CSRF-Token, Authorization, accept, origin, Cache-Control, X-Requested-With
content-length: 0
expires: Mon, 01 Jan 1990 00:00:00 GMT

POST
H2 200 65372980 Show response
mc.yandex.com/webvisor/ 43 B
179 B 131ms
130ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/65372980?wmode=0&wv-part=1&wv-hit=631986389&page-url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&rn=677542719&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1629885116%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210825115156%3Au%3A1629885114737526589%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629885116

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:56 GMT
last-modified: Wed, 25-Aug-2021 09:51:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.profinance.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 25-Aug-2021 09:51:56 GMT

POST
H2 200 65372980 Show response
mc.yandex.com/webvisor/ 43 B
85 B 128ms
127ms XHR
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/65372980?wmode=0&wv-part=1&wv-hit=631986389&page-url=https%3A%2F%2Fwww.profinance.ru%2Fcharts%2F2017-0526%2F728x90%2F%3Fs%3DUSDUAH%26p%3DVVNEVUFIIzIjMSMxMTkyIzY5MyM2IzA%3D&rn=460707010&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1629885116%3Aw%3A1600x1200%3Av%3A624%3Az%3A120%3Ai%3A20210825115156%3Au%3A1629885114737526589%3Avf%3A25rt5xty9edhsiwwad%3Awe%3A1%3Ati%3A2%3Ast%3A1629885116

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://www.profinance.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/92.0.4515.159 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Wed, 25 Aug 2021 09:51:56 GMT
last-modified: Wed, 25-Aug-2021 09:51:56 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://www.profinance.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Wed, 25-Aug-2021 09:51:56 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: charts.profinance.ru
URL: https://charts.profinance.ru/html/charts/image?SID=XxI18JPu&s=USDUAH&h=693&w=1192&pt=2&tt=1&z=6&ba=2&nw=728&T=1629885115118&imd=1

Verdicts & Comments Add Verdict or Comment

219 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.betweendigital.com/	1970-01-20 05:30:21	Name: ut Value: YSYSugADPCDCUWglo-xyuFZBR2W7P7cG53hVZA==
.betweendigital.com/	1970-01-20 05:30:21	Name: tuuid Value: 23d5745d-d645-52ed-9ca5-419bfd835322
.betweendigital.com/	1970-01-20 05:30:21	Name: dc Value: lux1
.doubleclick.net/	1970-01-20 06:06:21	Name: IDE Value: AHWqTUldOeqGrCeBEhMuIwe09kFToYWGXuXTZ-TJ7xQx-IGDfs-7BcFD3_VhrcSSM_c
.doubleclick.net/	1970-01-19 20:44:48	Name: DSID Value: NO_DATA
.betweendigital.com/	1970-01-20 05:30:21	Name: unm Value: 1
.profinance.ru/	1970-01-20 05:30:21	Name: _ym_uid Value: 1629885114737526589
.doubleclick.net/	1970-01-19 20:44:46	Name: test_cookie Value: CheckForPermission
.betweendigital.com/	1970-01-20 05:30:21	Name: ss Value: 1
.profinance.ru/	1970-01-20 04:44:16	Name: tmr_reqNum Value: 2
.profinance.ru/	1970-01-19 20:44:46	Name: _ym_visorc Value: w
.profinance.ru/	1970-01-20 04:44:16	Name: tmr_lvidTS Value: 1629885113719
.profinance.ru/	1970-01-20 06:06:21	Name: __gads Value: ID=b0fc6631dfaf322e-2201ef97b4c9006b:T=1629885113:RT=1629885113:S=ALNI_MZ_Dy5ggqizUgC_FVvyw_AfPke5HQ
.profinance.ru/	1970-01-20 04:44:16	Name: tmr_lvid Value: f1941e30d4d2b1fd8ebd8704662241f2
.profinance.ru/	1970-01-20 05:30:21	Name: _ym_d Value: 1629885114
.profinance.ru/	1970-01-19 20:45:57	Name: _ym_isad Value: 2

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.360yield.com
ad.mail.ru
adfox-c2s-ams.creativecdn.com
ads.betweendigital.com
adservice.google.com
adservice.google.de
an.yandex.ru
ap.lijit.com
bidder.criteo.com
cache.betweendigital.com
charts.profinance.ru
cm.g.doubleclick.net
counter.yadro.ru
eus.rubiconproject.com
event.clientgear.com
exchange.buzzoola.com
googleads.g.doubleclick.net
gum.criteo.com
matchid.adfox.yandex.ru
mc.yandex.com
mc.yandex.ru
mug.criteo.com
onetag-sys.com
pagead2.googlesyndication.com
partner.googleadservices.com
pb.adriver.ru
px.adhigh.net
secure-assets.rubiconproject.com
ssl.google-analytics.com
static.criteo.net
sync.bumlam.com
sync.mathtag.com
sync3.adsniper.ru
sync3.sniperlog.ru
t.adx.opera.com
token.rubiconproject.com
top-fwz1.mail.ru
tpc.googlesyndication.com
www.google.com
www.googletagservices.com
www.profinance.ru
www.tns-counter.ru
x.bidswitch.net
x01.aidata.io
yastatic.net
yhb.p.otm-r.com
charts.profinance.ru
104.109.78.125
142.250.184.226
144.76.118.200
151.236.71.146
178.250.0.157
178.250.0.165
185.184.8.65
185.29.132.241
188.40.68.29
188.42.191.196
193.232.148.143
195.209.111.20
2.19.35.65
2001:6d0:4001::226
216.52.2.30
216.58.212.162
217.69.133.145
2a00:1148:db00::17
2a00:1450:4001:800::2002
2a00:1450:4001:808::2002
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2002
2a00:1450:4001:812::2002
2a00:1450:4001:828::2002
2a00:1450:4001:828::2004
2a00:1450:4001:828::2008
2a00:1450:4001:82a::2002
2a02:2638:1::13
2a02:2638::3
2a02:6b8:20::215
2a02:6b8::16b
2a02:6b8::1:119
2a02:6b8::90
3.64.77.7
31.172.81.158
31.172.81.160
47.252.78.131
51.89.9.254
52.58.206.142
69.173.144.139
81.177.34.153
81.177.34.158
82.145.213.8
88.212.201.216
89.108.119.43
00daef3b4a945d15f73efa05e0ce2ca51f2f8252e1da8fae5c2efb0f6dddacce
03032b7414541a98aaa00a220920ce2980d55afcb45c4328c156737f9fb995e0
0efe00c23297e5c56485eabb6ea548c2669b896704fcb2c426d898148543ccad
0f794ec9acf7dc03b2193204a9d39212625be5c9c48042d7904a7e59904ead1d
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
1212155840e74b7e8667a9b861e43a1c94a34479d4fbdcff654d250cc158c0da
1259ea99bd76596239bfd3102c679eb0a5052578dc526b0452f4d42f8bcdd45f
14cad1cdcb19a308834330297cfe2922b363e7ce17f72eb6ca404b55d7a83ca0
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
18d6fecbe443c652dca646d1c5f1bbd0cca19ce74ae149b9ebfa134c3605bc2b
1b03e55122228619ec1a4af837ea773186cca11d70feea350bf4055de6b42c77
1c6d71744ccbd79814680644dd2c66605e1f73b6880f57d9ff8d8a49572743d2
219190f0eaf194e07359de2dc3f14f6c6d54e50fab6548a4acaa15e7ca0013df
22a346d9726bee9afa7e03960b4e25536cd03f28744450f5af9cc32836a698b3
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
2aa4fa20701cdd6d8d56046069001186b5267e3ee7d0ef618ad2f4a683723e11
2c967cac40158b4a25c3f77d4123e5d9c203f5527322e6d51b6469df29abe2ae
2dc00e6c10812518e5f101fdeef7624851e0431b4931d80e64470b576800f041
34f40e0062abb20d76c094126c7560d42bf17051ec7f8fddc3e48a5d93e7a452
371f0ceab6655c8448f64525b1d11186cb67ca91398655ddf145c93d77964f91
37a31642af0a7fe695ed0fd68a06a55af44e854d083dc7f5d0e70535f0189ae0
38cae7aa633433ce04ad15167696536fa0dfc233ea2f68d39cacfb288f5316c4
3982c942590876cf5a57ea212976927e47b081f65ead1a24e8d0c563e97e89b7
3d195e6a309aac02d3fd31ee17915be3fc1daeb260ee2be279fb738a07c92eae
3fdf2ee487005f6505d00cc9d7a3757a1942d56bcaea69929cbd5ba110494390
426a757eb419bbff4f11f14b102f2038864ff3a9c12b4363971969f98596b5d1
45fa0a2c384ad5d4eb30b0adda03bdf9ca557fc9ca458c86179eb1e99525b197
479a5f49a38ecf45835d2335943086e798b00c614477dd29e31d8e3145343a9c
492abbc30ace41332a8f68b7f34f56333a037aebac34e0bc9b9cedb0d1c3b032
4a21b26cab7b5e9edd19fa1796f841302465acbb4f2341e540e8bba1a313e2f7
4d8541abc166fd8983533212451a2bccd26461c738bf270d3c57d53d9cb1f357
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
503885908301e338782bcb56814eecb5011a3b0eab9affafa8456352e53b3f03
536cd983c5ac840349770984405fe9eb9e67b9d7e35e0c45673a653b003173b6
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5e6d26dad429fbdd73c506cd4992dab03f26433c13e33a2a019b901709191683
603506996b902b8797cbc1dc4bf350440caad5c59feb97c39344fd7648403b5d
668b046d12db350ccba6728890476b3efee53b2f42dbb84743e5e9f1ae0cc404
7224ff2ce669ee34bfd7ef4c2e8873e93cb9c6ac8552ca78bc9f54c47e83007c
7d607736a2d8b6c1b4e067b026cf8e4d63b8b0fefe85e3d0774ae8b876bc4625
7f916ceba8d0a8c3e58967d455df674801254dc9071a19acf67cc283b272c895
846949c5a40e3ffbb702473e54dfac0646541aa624a844369b6e24e51ddaf96b
85f7fbe9807e623b299ed5889618e0348649d464acc44f1fa3a432ab002ffc73
8ee9dc7bc1175ef5c10da9e0cda9bee586549a24451d180e7e8382ccc3b70f9c
9346cd6c001c7e7e02ba916819ca9df8a1b72aa6a964127e9e3d662672eb3ef0
96bde0400dfa04bca482bf2bd83c83d505558b87b2d487fc7962658caff6a4c4
99f6048e026a358bcd25087b08a35840836764c0c3a97cd18569a0dab3263b7b
9a356564c14277da14f1d0fd222099c96849b37ce5dbd788022647fc2864b15b
9d22e7ff6833182296976098b8006e4b23a950fce121adaf224f5e9fce965346
9e37cf10ad9250517534e5d969a3a95edd00952514732f97cfc2fb4d1e71ed2f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a5503dd4dbf3adcbafca42d6c61e31e47d5730f250136b1d3da1a6f5db20043c
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a77b5b144c3f56851014d4bebe38caa29c8316b127265f73e61e3d772a27ef87
aea24c5eb275168730be530f4f40ea9ba14e68b73bb652926d79306f0f9ce304
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6f6d0902ff385f68ec17c4c059d4fe89a0a08f1c022ab70580ea8552dfc0a11
b93136da22f5cd076d3ed8e0de0b233e319b99c1846fb3fba90c54502f1769bb
bd2e5a91aa88a2d7918d1efdc2f7ddc29037ac6ee365941c4114a89af8210062
c533fb3dededf8a9d171ea6a3fbd6ec95538e3f4b2f79576f2ab87c594374f2d
cae5a6f0cf262529b60fa930088e213f04e6392add129055873393f4c6d33376
ccb150b1878d5aa777543222f9e47636d4258687e3dd57e625988f09a96bda64
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d5439bd7975f5de089c5e3defb6ac490b668e286225f8a86da968414d463b2ee
d5f3085127d154cbd72e219052312767d460633fafa6e38bb9a9446ddb03a270
d6e0cf33bd31faca2542d9376cc2a8b9722904e24cc4d3bfc121048e46c244ea
d7b6ed9e8166c815f86b056bb3caa013f5ac25dd030cc17ebe1b3fc2ebf06bbb
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e70daf1f8bcfd0ed744b5f86ac162bda58f2d2db0e5b4ba93c3adec87ad09fe3
eb140bbc27b6aca8da6c4fb8dba37b7632a82affbf10d4670edaf0c1a9701566
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f4e84b8e69392f9d6c10ec494ee107996a94166300c414fb309764c51890557f
fc517c8442df472cee4fd957cae5d442ca0d16dcb0b56b932e4f983d94c83f50
ff1343d1a8da5acf42773c36549ced52929ee8cb0e95eaa11acc91a3c8c76914
ffeef07664ca52dd6ff9ba40f145b1831a19e23e91369ee90d0d5ec504e92ea4

www.profinance.ru Open in urlscan Pro 81.177.34.158 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

99 Requests

99 %HTTPS

38 %IPv6

34 Domains

46 Subdomains

38 IPs

8 Countries

1049 kBTransfer

3713 kBSize

16 Cookies

0 Outgoing links

Redirected requests

99 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

www.profinance.ru Open in urlscan Pro
81.177.34.158 Public Scan

Screenshot
Live screenshot

Full Image

99
Requests

99 %
HTTPS

38 %
IPv6

34
Domains

46
Subdomains

38
IPs

8
Countries

1049 kB
Transfer

3713 kB
Size

16
Cookies

99 HTTP transactions
1 data transactions