urlscan.io logo urlscan.io
SecurityTrails logo

itnan.ru Open in urlscan Pro
94.130.25.91  Public Scan

Go To Rescan Add Verdict Report
URL: https://itnan.ru/post.php?c=1&p=584232
Submission: On October 19 via api from US — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 20 IPs in 4 countries across 22 domains to perform 73 HTTP transactions. The main IP is 94.130.25.91, located in Germany and belongs to HETZNER-AS, DE. The main domain is itnan.ru.
TLS certificate: Issued by Sectigo RSA Domain Validation Secure ... on July 20th 2021. Valid for: a year.
This is the only time itnan.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
20 94.130.25.91 24940 (HETZNER-AS)
8 142.250.186.130 15169 (GOOGLE)
1 1 82.192.95.170 60781 (LEASEWEB-...)
1 104.26.12.161 13335 (CLOUDFLAR...)
1 142.250.184.234 15169 (GOOGLE)
5 31.131.252.90 50340 (SELECTEL-MSK)
2 87.250.250.90 13238 (YANDEX)
3 11 77.88.21.119 13238 (YANDEX)
2 142.250.185.238 15169 (GOOGLE)
4 172.217.16.130 15169 (GOOGLE)
1 142.250.181.226 15169 (GOOGLE)
5 178.154.131.217 13238 (YANDEX)
1 2 88.212.201.216 39134 (UNITEDNET)
3 31.131.252.94 49505 (SELECTEL)
2 142.250.184.225 15169 (GOOGLE)
1 142.250.185.228 15169 (GOOGLE)
3 185.15.175.132 43226 (SAFEDATA ...)
1 1 185.59.220.17 60068 (CDN77 ^_^)
1 104.21.21.220 13335 (CLOUDFLAR...)
1 89.108.97.2 197695 (AS-REG)
7 10 185.15.175.145 43226 (SAFEDATA ...)
1 2 185.15.175.137 43226 (SAFEDATA ...)
1 1 168.119.167.24 24940 (HETZNER-AS)
2 2 138.201.139.144 24940 (HETZNER-AS)
73 20
20    94.130.25.91 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.91.25.130.94.clients.your-server.de
itnan.ru
8    142.250.186.130 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net
pagead2.googlesyndication.com
adservice.google.com
1    82.192.95.170 (Netherlands)

ASN60781 (LEASEWEB-NL-AMS-01 Netherlands, NL)
PTR: beta.hstor.org
habrastorage.org
1    104.26.12.161 (United States)

ASN13335 (CLOUDFLARENET, US)
hsto.org
1    142.250.184.234 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f10.1e100.net
ajax.googleapis.com
5    31.131.252.90 (St Petersburg, Russian Federation)

ASN50340 (SELECTEL-MSK, RU)
share.pluso.ru
2    87.250.250.90 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: bs.yandex.ru
an.yandex.ru
11    77.88.21.119 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: mc.yandex.ru
mc.yandex.ru
mc.yandex.com
2    142.250.185.238 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f14.1e100.net
www.google-analytics.com
4    172.217.16.130 (United States)

ASN15169 (GOOGLE, US)
PTR: zrh04s06-in-f130.1e100.net
googleads.g.doubleclick.net
1    142.250.181.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s56-in-f2.1e100.net
partner.googleadservices.com
5    178.154.131.217 (Russian Federation)

ASN13238 (YANDEX, RU)
PTR: static.yandex.net
yastatic.net
2    88.212.201.216 (Russian Federation)

ASN39134 (UNITEDNET, RU)
counter.yadro.ru
3    31.131.252.94 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)
kitbit.net
2    142.250.184.225 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f1.1e100.net
tpc.googlesyndication.com
1    142.250.185.228 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s53-in-f4.1e100.net
www.google.com
3    185.15.175.132 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
tag.digitaltarget.ru
1    185.59.220.17 (Frankfurt am Main, Germany)

ASN60068 (CDN77 ^_^, GB)
PTR: frankfurt-10.cdn77.com
p1.ntvk1.ru
1    104.21.21.220 (United States)

ASN13335 (CLOUDFLARENET, US)
optinder.com
1    89.108.97.2 (Russian Federation)

ASN197695 (AS-REG, RU)
PTR: d50603.reg.regrucolo.ru
ut9.rktch.com
10    185.15.175.145 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
dmg.digitaltarget.ru
2    185.15.175.137 (Russian Federation)

ASN43226 (SAFEDATA Uplinks, RU)
fnc.rt.ru
1    168.119.167.24 (United States)

ASN24940 (HETZNER-AS, DE)
PTR: static.24.167.119.168.clients.your-server.de
matcher.upravel.com
2    138.201.139.144 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.144.139.201.138.clients.your-server.de
cm.p.altergeo.ru
Domain Requested by
20 itnan.ru itnan.ru
10 dmg.digitaltarget.ru 7 redirects
9 mc.yandex.com 2 redirects itnan.ru
mc.yandex.ru
7 pagead2.googlesyndication.com itnan.ru
pagead2.googlesyndication.com
tpc.googlesyndication.com
5 yastatic.net an.yandex.ru
5 share.pluso.ru itnan.ru
share.pluso.ru
4 googleads.g.doubleclick.net pagead2.googlesyndication.com
3 tag.digitaltarget.ru kitbit.net
tag.digitaltarget.ru
3 kitbit.net share.pluso.ru
kitbit.net
2 cm.p.altergeo.ru 2 redirects
2 fnc.rt.ru 1 redirects
2 tpc.googlesyndication.com pagead2.googlesyndication.com
tpc.googlesyndication.com
2 counter.yadro.ru 1 redirects
2 www.google-analytics.com itnan.ru
www.google-analytics.com
2 mc.yandex.ru 1 redirects itnan.ru
2 an.yandex.ru itnan.ru
an.yandex.ru
1 matcher.upravel.com 1 redirects
1 ut9.rktch.com
1 optinder.com
1 p1.ntvk1.ru 1 redirects
1 www.google.com tpc.googlesyndication.com
1 adservice.google.com pagead2.googlesyndication.com
1 partner.googleadservices.com pagead2.googlesyndication.com
1 ajax.googleapis.com itnan.ru
1 hsto.org itnan.ru
1 habrastorage.org 1 redirects
73 26
Subject Issuer Validity Valid
www.itnan.ru
Sectigo RSA Domain Validation Secure Server CA		 2021-07-20 -
2022-08-20		 a year crt.sh
*.g.doubleclick.net
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
sni.cloudflaressl.com
Cloudflare Inc ECC CA-3		 2021-05-28 -
2022-05-27		 a year crt.sh
upload.video.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.pluso.ru
R3		 2021-05-11 -
2021-08-09		 3 months crt.sh
bs.yandex.ru
Yandex CA		 2021-05-31 -
2021-11-29		 6 months crt.sh
mc.yandex.ru
Yandex CA		 2021-07-28 -
2022-01-07		 5 months crt.sh
*.google-analytics.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.googleadservices.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
*.yastatic.net
Yandex CA		 2021-08-18 -
2022-02-16		 6 months crt.sh
counter.yadro.ru
GoGetSSL ECC DV CA		 2020-02-02 -
2022-05-02		 2 years crt.sh
*.kitbit.net
Let's Encrypt Authority X3		 2018-11-05 -
2019-02-03		 3 months crt.sh
tpc.googlesyndication.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
www.google.com
GTS CA 1C3		 2021-09-13 -
2021-11-20		 2 months crt.sh
tag.digitaltarget.ru
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
ut9.rktch.com
R3		 2021-10-16 -
2022-01-14		 3 months crt.sh
dmg.digitaltarget.ru
R3		 2021-10-09 -
2022-01-07		 3 months crt.sh
fnc.rt.ru
Thawte RSA CA 2018		 2020-12-25 -
2022-01-02		 a year crt.sh

This page contains 7 frames:

Primary Page: https://itnan.ru/post.php?c=1&p=584232
Frame ID: 945FECA7793ACAFB2FE57E07C4352C40
Requests: 65 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Frame ID: 0A12BB4FACA52CAD5ED66AD402F3305E
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7911479585715549&output=html&adk=1812271804&adf=3025194257&lmt=1634654147&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147394&bpp=2&bdt=130&idt=79&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8490783945233&frm=20&pv=2&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=100
Frame ID: 3776CE589BA017C561F9F21B002227DC
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7911479585715549&output=html&h=600&slotname=5397894938&adk=1077623558&adf=2365329730&pi=t.ma~as.5397894938&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1634654147&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147398&bpp=1&bdt=134&idt=111&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8490783945233&frm=20&pv=1&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=118&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=x4Kbi7wmlR&p=https%3A//itnan.ru&dtd=117
Frame ID: BA5616623F03DD751D889D83833944AA
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7911479585715549&output=html&h=280&slotname=5272582481&adk=2875509146&adf=4185583258&pi=t.ma~as.5272582481&w=1200&fwrn=4&fwrnh=100&lmt=1634654147&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147399&bpp=1&bdt=136&idt=118&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x600&nras=1&correlator=8490783945233&frm=20&pv=1&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=118&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZJiK8Hv9MY&p=https%3A//itnan.ru&dtd=121
Frame ID: F429CFF724B312E604E07EF76EFF05D9
Requests: 1 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Frame ID: 5EDDEBDBD60F44F532C5C79308621039
Requests: 2 HTTP requests in this frame

Frame: https://www.google.com/recaptcha/api2/aframe
Frame ID: 6CF4F80BDD0C4D89FD4514FAF975D6AE
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Security Week 42: атака MysterySnail и zero-day в Windows

Detected technologies

Overall confidence: 100%
Detected patterns
  • \.php(?:$|\?)
Overall confidence: 100%
Detected patterns
  • (?:F|f)o(?:n|r)t-?(?:A|a)wesome(?:.*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)
Overall confidence: 100%
Detected patterns
  • googlesyndication\.com/
Overall confidence: 100%
Detected patterns
  • google-analytics\.com/(?:ga|urchin|analytics)\.js
Overall confidence: 100%
Detected patterns
  • ([\d.]+)?/modernizr(?:\.([\d.]+))?.*\.js
Overall confidence: 100%
Detected patterns
  • https?://an\.yandex\.ru/
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?
Overall confidence: 100%
Detected patterns
  • jquery[.-]migrate(?:-([\d.]+))?(?:\.min)?\.js(?:\?ver=([\d.]+))?

Page Statistics

73
Requests

89 %
HTTPS

0 %
IPv6

22
Domains

26
Subdomains

20
IPs

4
Countries

952 kB
Transfer

2709 kB
Size

25
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 9
  • https://habrastorage.org/webt/xh/lo/ff/xhloffsphpuvv94fvx9-nykgx2w.jpeg HTTP 302
  • https://hsto.org/webt/xh/lo/ff/xhloffsphpuvv94fvx9-nykgx2w.jpeg
Request Chain 35
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4) HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9431.R08ZQ1p-i3X_cW5SlYICS_ivhCGvWAZzzSjeoSnkkyQvbDhJIs1Dv7kVLxA4qBoy.DV1htHwVC_JwiZLgQW6pRycyiIQ%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9431.b9ha1egz-tPDB0d0KxRLqpdOfG8_gUsrB5OEd9RPvuGjkyAtOPlRBFGRcBgwidLlre1bHRLsep466kfijkODYA%2C%2C.17XZKToBKUO6Tug16cpoJoEmQXo%2C
Request Chain 43
  • https://mc.yandex.com/watch/30246399?wmode=7&page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afp%3A439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A812727676108%3Ahid%3A499062346%3Az%3A0%3Ai%3A202101019143547%3Aet%3A1634654148%3Ac%3A1%3Arn%3A692190678%3Arqn%3A1%3Au%3A1634654148837662602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634654146921%3Ads%3A5%2C25%2C309%2C1%2C0%2C0%2C%2C114%2C2%2C%2C%2C%2C457%3Adsn%3A5%2C25%2C308%2C1%2C%2C0%2C%2C116%2C2%2C%2C%2C%2C457%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634654148%3At%3A%EF%BB%BF%EF%BB%BFSecurity%20Week%2042%3A%20%D0%B0%D1%82%D0%B0%D0%BA%D0%B0%20MysterySnail%20%D0%B8%20zero-day%20%D0%B2%20Windows&t=gdpr(14)ti(2) HTTP 302
  • https://mc.yandex.com/watch/30246399/1?wmode=7&page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afp%3A439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A812727676108%3Ahid%3A499062346%3Az%3A0%3Ai%3A202101019143547%3Aet%3A1634654148%3Ac%3A1%3Arn%3A692190678%3Arqn%3A1%3Au%3A1634654148837662602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634654146921%3Ads%3A5%2C25%2C309%2C1%2C0%2C0%2C%2C114%2C2%2C%2C%2C%2C457%3Adsn%3A5%2C25%2C308%2C1%2C%2C0%2C%2C116%2C2%2C%2C%2C%2C457%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634654148%3At%3A%EF%BB%BF%EF%BB%BFSecurity%20Week%2042%3A%20%D0%B0%D1%82%D0%B0%D0%BA%D0%B0%20MysterySnail%20%D0%B8%20zero-day%20%D0%B2%20Windows&t=gdpr%2814%29ti%282%29
Request Chain 51
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//itnan.ru/post.php%3Fc%3D1%26p%3D584232;h%uFEFF%uFEFFSecurity%20Week%2042%3A%20%u0430%u0442%u0430%u043A%u0430%20MysterySnail%20%u0438%20zero-day%20%u0432%20Windows;1 HTTP 302
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//itnan.ru/post.php%3Fc%3D1%26p%3D584232;h%uFEFF%uFEFFSecurity%20Week%2042%3A%20%u0430%u0442%u0430%u043A%u0430%20MysterySnail%20%u0438%20zero-day%20%u0432%20Windows;1
Request Chain 63
  • https://p1.ntvk1.ru/nps HTTP 302
  • https://optinder.com/cro
Request Chain 68
  • https://dmg.digitaltarget.ru/1/7259/i/i?i=69443963865716.170782369278673&c=tg:adcm_pc HTTP 302
  • https://dmg.digitaltarget.ru/1/7259/i/i?i=69443963865716.170782369278673&c=tg:adcm_pc&q=scc
Request Chain 69
  • https://dmg.digitaltarget.ru/1/6534/i/i?i=69443963865716.759575527636941&c=tg:adcm_pc HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=69443963865716.759575527636941&c=tg:adcm_pc HTTP 307
  • https://fnc.rt.ru/1/6532/i/i?i=VK3oorZoYPVUZXn7WuXy&c=tg:rds_6534 HTTP 302
  • https://fnc.rt.ru/1/6532/i/i?i=VK3oorZoYPVUZXn7WuXy&c=tg:rds_6534&q=scc
Request Chain 70
  • https://dmg.digitaltarget.ru/1/1086/i/i?i=69443963865716.760847946187742&a=86&e=5EFC831F4FD76E612F0B0786023C76CE&c=ss:86.up:5EFC831F4FD76E612F0B0786023C76CE.sync:up.xdua:duCM4xBq1m_f9Xkt_u59bsI6.xps:xps4ssKbHD0pQuYvz8Cwetewg.xga:GA1_2_504054274_1634654147.xgid:GA1_2_46580742_1634654147.dn:itnan__ru.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=69443963865716.760847946187742&a=86&e=5EFC831F4FD76E612F0B0786023C76CE&c=ss:86.up:5EFC831F4FD76E612F0B0786023C76CE.sync:up.xdua:duCM4xBq1m_f9Xkt_u59bsI6.xps:xps4ssKbHD0pQuYvz8Cwetewg.xga:GA1_2_504054274_1634654147.xgid:GA1_2_46580742_1634654147.dn:itnan__ru.adcm:hit.tg:adcmjs_init%20adcmjs_noorient HTTP 307
  • https://matcher.upravel.com/m?id=cP37miK4cb9Zcfc7vg2s&src=amberdata&redirect=%2F%2Fdmg.digitaltarget.ru%2F1%2F6401%2Fi%2Fi%3F%26a%3D685%26e%3D%7BUSER_ID%7D%26rds%3D1086 HTTP 302
  • https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=e3f49670-c1ed-4b62-8068-0428c3b9dd9f&rds=1086
Request Chain 71
  • https://dmg.digitaltarget.ru/1/1086/i/i?i=69443963865716.200585985521676&a=86&e=5EFC831F4FD76E612F0B0786023C76CE&c=ss:86.up:5EFC831F4FD76E612F0B0786023C76CE.sync:up.xdua:duCM4xBq1m_f9Xkt_u59bsI6.xps:xps4ssKbHD0pQuYvz8Cwetewg.xga:GA1_2_504054274_1634654147.xgid:GA1_2_46580742_1634654147.dn:itnan__ru.adcm:hit.tg:adcmjs_noorient HTTP 307
  • https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=69443963865716.200585985521676&a=86&e=5EFC831F4FD76E612F0B0786023C76CE&c=ss:86.up:5EFC831F4FD76E612F0B0786023C76CE.sync:up.xdua:duCM4xBq1m_f9Xkt_u59bsI6.xps:xps4ssKbHD0pQuYvz8Cwetewg.xga:GA1_2_504054274_1634654147.xgid:GA1_2_46580742_1634654147.dn:itnan__ru.adcm:hit.tg:adcmjs_noorient HTTP 307
  • https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086 HTTP 302
  • https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086&cc=1 HTTP 302
  • https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMCnvw+j5CTOSfBwVHpB98wQ==&c=pc:&i=acf8a690&rds=1086

73 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request post.php
itnan.ru/ 		27 KB
8 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
6e63652214a0cbf519e042ceb1b2766fe30717f628e02c422a11bcac98e55c04
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Host
itnan.ru
Connection
keep-alive
Pragma
no-cache
Cache-Control
no-cache
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site
none
Sec-Fetch-Mode
navigate
Sec-Fetch-User
?1
Sec-Fetch-Dest
document
Accept-Encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9

Response headers

Date
Tue, 19 Oct 2021 14:35:46 GMT
Server
Apache/2.4.25 (Debian)
Strict-Transport-Security
max-age=31536000; preload
Vary
Accept-Encoding
Content-Encoding
gzip
Content-Length
8082
Keep-Alive
timeout=5, max=100
Connection
Keep-Alive
Content-Type
text/html; charset=UTF-8
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
b64cba4910c07d3567812af1133b2044622a6fe818b5ddd0a87c412896afb898
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50945
x-xss-protection
0
server
cafe
etag
11075621504444135468
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 14:35:47 GMT
default.css
itnan.ru/css/ 		19 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/default.css
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
ca8b950c8445a49a52cd5ed7b196ffbbb8087296f99e709eb7529aa50e9a926b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"4b27-5aba23881678f-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
4922
layout.css
itnan.ru/css/ 		16 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/layout.css
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
524e44c0169d7b4312df53ae9a3420d8847c3beca8caace06037161b5b37236b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"3f6a-5aba23881c550-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
3840
media-queries.css
itnan.ru/css/ 		9 KB
3 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/media-queries.css
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
ccf9e049aa8bf49098f9c06cfacbe0aa6685ada9c88781f5c4c1cf5bc3531286
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"22ea-5aba23881d4f0-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
2208
modernizr.js
itnan.ru/js/ 		15 KB
6 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/js/modernizr.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
899c755c9d85a6a8ba4acece77ec818e24c6aed4c9e34ab10575c67a1926bbaa
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"3b8b-5aba2388203d1-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=97
Content-Length
6189
comments-24-1.png
itnan.ru/images/ 		174 B
511 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itnan.ru/images/comments-24-1.png
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
d636f680b956f9fc59f321dea229ff4d5d6f86b22463809485f7b3e92c826bbd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"ae-5aba23881d4f0"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
174
visible-26-1.png
itnan.ru/images/ 		508 B
846 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itnan.ru/images/visible-26-1.png
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
291cca3bd4913e784747c9044649220bed8fc8cb9cf15d9af9db1e299d651b3e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1fc-5aba2388203d1"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
508
madrobots.png
itnan.ru/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itnan.ru/madrobots.png
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
c98bfc997b6f14c9301cb80750de239febd6f778788734be5055f3c38598be79
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"6735-5aba2388203d1"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
26421
fact-banner.png
itnan.ru/banner/ 		42 KB
43 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itnan.ru/banner/fact-banner.png
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
7c86a0916a2d25b15ee96be760403c78ed2333a62c19696f478eea6aa04a1968
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Mon, 18 Oct 2021 12:53:08 GMT
Server
Apache/2.4.25 (Debian)
ETag
"a968-5cea006dadac2"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
43368
xhloffsphpuvv94fvx9-nykgx2w.jpeg
hsto.org/webt/xh/lo/ff/
Redirect Chain
  • https://habrastorage.org/webt/xh/lo/ff/xhloffsphpuvv94fvx9-nykgx2w.jpeg
  • https://hsto.org/webt/xh/lo/ff/xhloffsphpuvv94fvx9-nykgx2w.jpeg
22 KB
22 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://hsto.org/webt/xh/lo/ff/xhloffsphpuvv94fvx9-nykgx2w.jpeg
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.26.12.161 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
d00f203352f44b1e5549752a31cc9998116210b59a217560090c01dd80f08719

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
cf-cache-status
HIT
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
age
21469
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
22298
last-modified
Mon, 18 Oct 2021 12:35:14 GMT
server
cloudflare
etag
"616d6a02-571a"
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary
Accept-Encoding
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=3veceosr6ZXYrLWA0mTYW7lFV3Bmgu6el4bm4tM%2Bwhuj%2FObOEtmLVpJ%2BnXeZcrLtfQURT7Tv6cE%2BciDnxMTdSmylWLg3ElzLMfvYJ9kJnue%2FT3E4lv6zhHQN"}],"group":"cf-nel","max_age":604800}
content-type
image/jpeg
access-control-allow-origin
*
expires
Thu, 31 Dec 2037 23:55:55 GMT
cache-control
max-age=315360000, public, proxy-revalidate
accept-ranges
bytes
cf-ray
6a0abc255cdc2788-PRG
cf-bgj
h2pri

Redirect headers

location
https://hsto.org/webt/xh/lo/ff/xhloffsphpuvv94fvx9-nykgx2w.jpeg
date
Tue, 19 Oct 2021 14:35:47 GMT
server
nginx
content-length
138
strict-transport-security
max-age=63072000; includeSubDomains; preload
content-type
text/html
adsbygoogle.js
pagead2.googlesyndication.com/pagead/js/ 		143 KB
50 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js?client=ca-pub-7911479585715549
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
38b458870e9545f8512a1c0d9ce073e80d8dd2c2a087bb7bc4b969aac41521c4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
https://itnan.ru/
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
50923
x-xss-protection
0
server
cafe
etag
8068838971056031406
vary
Accept-Encoding, Origin
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
private, max-age=3600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 14:35:47 GMT
vk.png
itnan.ru/images/ 		3 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itnan.ru/images/vk.png
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
70dc71db05e73f02c2b3d0c6114a29021a6a575e39faa20a055d8635e0bf59bd
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"bc1-5aba2388203d1"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=99
Content-Length
3009
facebook.png
itnan.ru/images/ 		3 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itnan.ru/images/facebook.png
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
e559c1776e84e5be00a4527cc8eff3cc70c7325cccc46518f4925836573c9f53
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"dd8-5aba23881d4f0"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=96
Content-Length
3544
twitter.png
itnan.ru/images/ 		4 KB
4 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://itnan.ru/images/twitter.png
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
6b8235409bc9c0675fd63e85619444eb4e9aa07fc9ee2726cbb26a397747399d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8
Cache-Control
no-cache
Sec-Fetch-Dest
image
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"fb8-5aba23881e490"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
image/png
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=95
Content-Length
4024
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.10.2/ 		91 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://ajax.googleapis.com/ajax/libs/jquery/1.10.2/jquery.min.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.234 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f10.1e100.net
Software
sffe /
Resource Hash
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 12:32:02 GMT
content-encoding
gzip
x-content-type-options
nosniff
age
7425
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
32954
x-xss-protection
0
last-modified
Tue, 03 Mar 2020 19:15:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type
text/javascript; charset=UTF-8
access-control-allow-origin
*
cache-control
public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges
bytes
timing-allow-origin
*
cross-origin-opener-policy-report-only
same-origin; report-to="hosted-libraries-pushers"
expires
Wed, 19 Oct 2022 12:32:02 GMT
jquery-migrate-1.2.1.min.js
itnan.ru/js/ 		7 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/js/jquery-migrate-1.2.1.min.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"1c1f-5aba2388203d1-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
3063
main.js
itnan.ru/js/ 		2 KB
1 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/js/main.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
1c4e7ed74d34e914d80f544d90fba1d8b7aedc27d92e7898562392846de2b58b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
script
Referer
https://itnan.ru/post.php?c=1&p=584232
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/post.php?c=1&p=584232
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"8c8-5aba2388203d1-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/javascript
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
838
fonts.css
itnan.ru/css/ 		10 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/fonts.css
Requested by
Host: itnan.ru
URL: https://itnan.ru/css/default.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
530c9d56afb8f4b6283bd0c7b5eb61c40729e5bf197d3edfd21e0b1491261fe3
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://itnan.ru/css/default.css
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/css/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"28c8-5aba23881772f-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
908
font-awesome.min.css
itnan.ru/css/font-awesome/css/ 		17 KB
4 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/font-awesome/css/font-awesome.min.css
Requested by
Host: itnan.ru
URL: https://itnan.ru/css/default.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
no-cors
Accept
text/css,*/*;q=0.1
Cache-Control
no-cache
Sec-Fetch-Dest
style
Referer
https://itnan.ru/css/default.css
Connection
keep-alive
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/css/default.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"4574-5aba23881678f-gzip"
Vary
Accept-Encoding
Strict-Transport-Security
max-age=31536000; preload
Content-Type
text/css
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=100
Content-Length
4011
merriweather-regular-webfont.woff
itnan.ru/css/fonts/merriweather/ 		29 KB
30 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/fonts/merriweather/merriweather-regular-webfont.woff
Requested by
Host: itnan.ru
URL: https://itnan.ru/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
fa67be62b0c31f1c7ac251cebb7015c12022c7b05e49985ceac80e575a3a2b5b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://itnan.ru
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://itnan.ru/css/fonts.css
Connection
keep-alive
Referer
https://itnan.ru/css/fonts.css
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"75fc-5aba23881a610"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
30204
pluso-like.js
share.pluso.ru/ 		41 KB
14 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://share.pluso.ru/pluso-like.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.90 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx /
Resource Hash
911caca5bc85cfb1d49a79f02766a49df9b9f21f6280300acab7d8496dac6516
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Last-Modified
Mon, 07 May 2018 16:54:52 GMT
Server
nginx
ETag
5900226606685286317
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-control
max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
X-XSS-Protection
1; mode=block
Expires
Fri, 22 Oct 2021 14:35:47 GMT
OpenSans-Bold-webfont.woff
itnan.ru/css/fonts/opensans/ 		22 KB
22 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/fonts/opensans/OpenSans-Bold-webfont.woff
Requested by
Host: itnan.ru
URL: https://itnan.ru/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://itnan.ru
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://itnan.ru/css/fonts.css
Connection
keep-alive
Referer
https://itnan.ru/css/fonts.css
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"57a0-5aba23881a610"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
22432
merriweather-bold-webfont.woff
itnan.ru/css/fonts/merriweather/ 		31 KB
31 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/fonts/merriweather/merriweather-bold-webfont.woff
Requested by
Host: itnan.ru
URL: https://itnan.ru/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
b8a4ca75bda70815996c8e0cadaf33c04de2a192b8a640638f07814a7953fc6e
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://itnan.ru
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://itnan.ru/css/fonts.css
Connection
keep-alive
Referer
https://itnan.ru/css/fonts.css
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"7bfc-5aba2388186cf"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=94
Content-Length
31740
OpenSans-Semibold-webfont.woff
itnan.ru/css/fonts/opensans/ 		22 KB
23 KB 		Font
General
Check archive.org
Download Go to
Full URL
https://itnan.ru/css/fonts/opensans/OpenSans-Semibold-webfont.woff
Requested by
Host: itnan.ru
URL: https://itnan.ru/css/fonts.css
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
94.130.25.91 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS
static.91.25.130.94.clients.your-server.de
Software
Apache/2.4.25 (Debian) /
Resource Hash
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
Security Headers
Name Value
Strict-Transport-Security max-age=31536000; preload

Request headers

Pragma
no-cache
Sec-Fetch-Site
same-origin
Origin
https://itnan.ru
Accept-Encoding
gzip, deflate, br
Host
itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Sec-Fetch-Mode
cors
Accept
*/*
Cache-Control
no-cache
Sec-Fetch-Dest
font
Referer
https://itnan.ru/css/fonts.css
Connection
keep-alive
Referer
https://itnan.ru/css/fonts.css
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Last-Modified
Thu, 30 Jul 2020 05:48:24 GMT
Server
Apache/2.4.25 (Debian)
ETag
"597c-5aba23881c550"
Strict-Transport-Security
max-age=31536000; preload
Content-Type
application/font-woff
Connection
Keep-Alive
Accept-Ranges
bytes
Keep-Alive
timeout=5, max=98
Content-Length
22908
context.js
an.yandex.ru/system/ 		301 KB
81 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/system/context.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
851cdd9c8f9511cf3106740adf5f6462058c9e2274ffe0968ba64247578d3cd9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
strict-transport-security
max-age=31536000
content-encoding
br
etag
1603294680
x-yandex-req-id
1634654147437956-1798330224651444210200376-production-app-host-man-pcode-59
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
private, max-age=3600
x-robots-tag
noindex, noarchive, nofollow
expires
Tue, 19 Oct 2021 15:35:47 GMT
watch.js
mc.yandex.ru/metrika/ 		129 KB
46 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
ecaf54043af605466fd9465aa2c331c2bcb5a0ab3e4cb9dc4ced21dc6e13f387
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
br
last-modified
Tue, 19 Oct 2021 13:56:08 GMT
etag
"616ea448-b692"
strict-transport-security
max-age=31536000
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
46738
expires
Tue, 19 Oct 2021 15:35:47 GMT
analytics.js
www.google-analytics.com/ 		48 KB
20 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/analytics.js
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62
Security Headers
Name Value
Strict-Transport-Security max-age=10886400; includeSubDomains; preload
X-Content-Type-Options nosniff

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

strict-transport-security
max-age=10886400; includeSubDomains; preload
content-encoding
gzip
x-content-type-options
nosniff
last-modified
Wed, 13 Oct 2021 16:38:54 GMT
server
Golfe2
age
6530
date
Tue, 19 Oct 2021 12:46:57 GMT
vary
Accept-Encoding
content-type
text/javascript
cache-control
public, max-age=7200
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
19747
expires
Tue, 19 Oct 2021 14:46:57 GMT
show_ads_impl_fy2019.js
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/ 		271 KB
97 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
32c37d3ef21fb4793c7a9f4f6adf7e5d597e7fd0d7b8a89f793bb0b34c44ee53
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
99348
x-xss-protection
0
server
cafe
etag
17165115455200885443
vary
Accept-Encoding
content-type
text/javascript; charset=UTF-8
cache-control
private, max-age=1209600
timing-allow-origin
*
expires
Tue, 19 Oct 2021 14:35:47 GMT
zrt_lookup.html
googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/ Frame 0A12 		10 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/html/r20211013/r20190131/zrt_lookup.html
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/html/r20211013/r20190131/zrt_lookup.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://itnan.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
vary
Accept-Encoding
date
Mon, 18 Oct 2021 21:22:20 GMT
expires
Mon, 01 Nov 2021 21:22:20 GMT
content-type
text/html; charset=UTF-8
etag
9069739545958607985
x-content-type-options
nosniff
content-encoding
gzip
server
cafe
content-length
4691
x-xss-protection
0
age
62007
cache-control
public, max-age=1209600
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
collect
www.google-analytics.com/j/ 		2 B
22 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://www.google-analytics.com/j/collect?v=1&_v=j93&a=697767530&t=pageview&_s=1&dl=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&ul=en-us&de=UTF-8&dt=%EF%BB%BF%EF%BB%BFSecurity%20Week%2042%3A%20%D0%B0%D1%82%D0%B0%D0%BA%D0%B0%20MysterySnail%20%D0%B8%20zero-day%20%D0%B2%20Windows&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=IEBAAEABAAAAAC~&jid=2091877811&gjid=20911272&cid=504054274.1634654147&tid=UA-57041028-6&_gid=46580742.1634654147&_r=1&_slc=1&z=212426633
Requested by
Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.185.238 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f14.1e100.net
Software
Golfe2 /
Resource Hash
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
Security Headers
Name Value
X-Content-Type-Options nosniff

Request headers

Referer
https://itnan.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
text/plain

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Sun, 17 May 1998 03:00:00 GMT
server
Golfe2
content-type
text/plain
access-control-allow-origin
https://itnan.ru
cache-control
no-cache, no-store, must-revalidate
access-control-allow-credentials
true
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
2
expires
Fri, 01 Jan 1990 00:00:00 GMT
cookie.js
partner.googleadservices.com/gampad/ 		198 B
655 B 		Script
General
Check archive.org
Download Go to
Full URL
https://partner.googleadservices.com/gampad/cookie.js?domain=itnan.ru&callback=_gfp_s_&client=ca-pub-7911479585715549
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.181.226 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s56-in-f2.1e100.net
Software
cafe /
Resource Hash
16f220ae22621d8aa737049dfc981fa456efa6347ee01210192b0dc3e8b0e3c1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type
text/javascript; charset=UTF-8
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
timing-allow-origin
*
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
190
x-xss-protection
0
integrator.js
adservice.google.com/adsid/ 		107 B
570 B 		Script
General
Check archive.org
Download Go to
Full URL
https://adservice.google.com/adsid/integrator.js?domain=itnan.ru
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control
private, no-cache, no-store
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/javascript; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
100
x-xss-protection
0
ads
googleads.g.doubleclick.net/pagead/ Frame 3776 		0
19 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7911479585715549&output=html&adk=1812271804&adf=3025194257&lmt=1634654147&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147394&bpp=2&bdt=130&idt=79&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8490783945233&frm=20&pv=2&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=100
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7911479585715549&output=html&adk=1812271804&adf=3025194257&lmt=1634654147&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A34635776%2C32%3A32&format=0x0&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147394&bpp=2&bdt=130&idt=79&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=8490783945233&frm=20&pv=2&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=100
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://itnan.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
date
Tue, 19 Oct 2021 14:35:47 GMT
server
cafe
content-length
0
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 19-Oct-2021 14:50:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 14:35:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame BA56 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7911479585715549&output=html&h=600&slotname=5397894938&adk=1077623558&adf=2365329730&pi=t.ma~as.5397894938&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1634654147&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147398&bpp=1&bdt=134&idt=111&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8490783945233&frm=20&pv=1&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=118&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=x4Kbi7wmlR&p=https%3A//itnan.ru&dtd=117
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
ed092eae1ee2625dda949b1a3ed58d405bfbd8b07c4a286c4792e6d419acaea8
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7911479585715549&output=html&h=600&slotname=5397894938&adk=1077623558&adf=2365329730&pi=t.ma~as.5397894938&w=1200&cr_col=4&cr_row=2&fwrn=2&lmt=1634654147&rafmt=9&psa=0&format=1200x600&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&flash=0&crui=image_stacked&fwr=0&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147398&bpp=1&bdt=134&idt=111&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0&nras=1&correlator=8490783945233&frm=20&pv=1&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=118&ady=1934&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=2&uci=a!2&btvi=1&fsb=1&xpc=x4Kbi7wmlR&p=https%3A//itnan.ru&dtd=117
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://itnan.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 19 Oct 2021 14:35:47 GMT
server
cafe
content-length
207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 19-Oct-2021 14:50:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 14:35:47 GMT
cache-control
private
ads
googleads.g.doubleclick.net/pagead/ Frame F429 		430 B
230 B 		Document
General
Check archive.org
Download Go to
Full URL
https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7911479585715549&output=html&h=280&slotname=5272582481&adk=2875509146&adf=4185583258&pi=t.ma~as.5272582481&w=1200&fwrn=4&fwrnh=100&lmt=1634654147&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147399&bpp=1&bdt=136&idt=118&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x600&nras=1&correlator=8490783945233&frm=20&pv=1&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=118&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZJiK8Hv9MY&p=https%3A//itnan.ru&dtd=121
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
172.217.16.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
zrh04s06-in-f130.1e100.net
Software
cafe /
Resource Hash
f3d9d8c9546a285acc07e0609c73c8b05721c9822e93f6dc083ca3aa09baf9bf
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
googleads.g.doubleclick.net
:scheme
https
:path
/pagead/ads?client=ca-pub-7911479585715549&output=html&h=280&slotname=5272582481&adk=2875509146&adf=4185583258&pi=t.ma~as.5272582481&w=1200&fwrn=4&fwrnh=100&lmt=1634654147&rafmt=1&psa=0&format=1200x280&url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&flash=0&fwr=0&fwrattr=true&rpe=1&resp_fmts=3&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIl0.&dt=1634654147399&bpp=1&bdt=136&idt=118&shv=r20211013&mjsv=m202110130101&ptt=9&saldr=aa&abxe=1&prev_fmts=0x0%2C1200x600&nras=1&correlator=8490783945233&frm=20&pv=1&ga_vid=504054274.1634654147&ga_sid=1634654147&ga_hid=697767530&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&adx=118&ady=2564&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=31062944%2C31062524&oid=2&pvsid=2806900943440570&pem=634&eae=0&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7CeEbr%7C&abl=CS&pfx=0&fu=128&bc=31&ifi=3&uci=a!3&btvi=2&fsb=1&xpc=ZJiK8Hv9MY&p=https%3A//itnan.ru&dtd=121
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://itnan.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/

Response headers

p3p
policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin
*
cross-origin-resource-policy
cross-origin
content-type
text/html; charset=UTF-8
x-content-type-options
nosniff
content-encoding
br
date
Tue, 19 Oct 2021 14:35:47 GMT
server
cafe
content-length
207
x-xss-protection
0
set-cookie
test_cookie=CheckForPermission; expires=Tue, 19-Oct-2021 14:50:47 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires
Tue, 19 Oct 2021 14:35:47 GMT
cache-control
private
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check?t=ti(4)
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9431.R08ZQ1p-i3X_cW5SlYICS_ivhCGvWAZzzSjeoSnkkyQvbDhJIs1Dv7kVLxA4qBoy.DV1htHwVC_JwiZLgQW6pRycyiIQ%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9431.b9ha1egz-tPDB0d0KxRLqpdOfG8_gUsrB5OEd9RPvuGjkyAtOPlRBFGRcBgwidLlre1bHRLsep466kfijkODYA%2C%2C.17XZKToBKUO6Tug16cpoJoEmQXo%2C
75 B
75 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9431.b9ha1egz-tPDB0d0KxRLqpdOfG8_gUsrB5OEd9RPvuGjkyAtOPlRBFGRcBgwidLlre1bHRLsep466kfijkODYA%2C%2C.17XZKToBKUO6Tug16cpoJoEmQXo%2C
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
strict-transport-security
max-age=31536000
content-length
75
x-xss-protection
1; mode=block
content-type
text/html; charset=utf-8

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9431.b9ha1egz-tPDB0d0KxRLqpdOfG8_gUsrB5OEd9RPvuGjkyAtOPlRBFGRcBgwidLlre1bHRLsep466kfijkODYA%2C%2C.17XZKToBKUO6Tug16cpoJoEmQXo%2C
date
Tue, 19 Oct 2021 14:35:47 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
136 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif?t=ti(4)
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
last-modified
Tue, 19 Oct 2021 10:30:32 GMT
etag
"616e7418-2b"
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Tue, 19 Oct 2021 15:35:47 GMT
4a5be553916a9e528536.js
yastatic.net/partner-code-bundles/45475/ 		13 KB
5 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/45475/4a5be553916a9e528536.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
e843ae28728902de46bcb8ad2623ab2a1caf63420d8ff94c3765030f1fc95f8d
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://itnan.ru/
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
4462
last-modified
Mon, 18 Oct 2021 17:05:28 GMT
server
nginx/1.17.9
etag
"576c5c7b1696a0f8c6bb7a621e75ddee"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2051 21:09:30 GMT
1ea1bc06a8f1b960f6d7.js
yastatic.net/partner-code-bundles/45475/ 		81 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/45475/1ea1bc06a8f1b960f6d7.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
8810d6c611d19829306909c4bfdb67e8aa83b8693f9df31ae94e03ab2f52051a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://itnan.ru/
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
17387
last-modified
Mon, 18 Oct 2021 17:05:28 GMT
server
nginx/1.17.9
etag
"f658746858142f201523e5bf7f0e835c"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2051 21:09:29 GMT
host.js
yastatic.net/safeframe-bundles/0.82/ 		33 KB
9 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/safeframe-bundles/0.82/host.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://itnan.ru/
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
8879
last-modified
Mon, 28 Jun 2021 10:29:24 GMT
server
nginx/1.17.9
etag
"e4627697ff619d2b610d2b2fee975531"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2051 21:10:55 GMT
212621
an.yandex.ru/meta/ 		29 B
577 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://an.yandex.ru/meta/212621?target-ref=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&pcode-test-ids=428758%2C0%2C19%3B434063%2C0%2C75%3B437232%2C0%2C55%3B434521%2C0%2C64%3B430931%2C0%2C82%3B436638%2C0%2C31%3B400734%2C0%2C62%3B438102%2C0%2C66%3B434214%2C0%2C17%3B429815%2C0%2C60%3B438207%2C0%2C2%3B438213%2C0%2C74%3B439166%2C0%2C6&pcode-flags-map=eJyNVV1vnDgU%2FS88T1ZgvvtmwMxYBYxsk6QbVRZJ6O5IdIgYUu226n%2FvBSbpmGlo5wEGwznn3uN7r78ZpMBRRlTMEhILdbOjkmRUSOPd3TfjS90%2BN8Y7Q%2FKKGBtjaI4DfYRnB4WmGxrfP26MhIoJn5AUV5lUckdyokheyg8qqTiWlBW%2F5fLtiSsnCcUqpUAXUQlYokpOGafAleJYMq4xmX%2BZ48%2B6YHMmtmuWVRBKVEnJCoULml8GMyd%2FQeBPBFVBU8YB9SeQ2Y14h4stmJnR%2BD1YwVm13amMbWmscUAuEMlLaC85apw28hGa88BCCTmZfE24WKbg2IHtmTo2dEx3wuIkZbcq57G6poJGNButBMkpQI2m%2Be9Jz8m3bfPFhozhhHAFbiicl%2Be4oX9uNFhghyeYIEoIrmixxFxqvYLSKssmVEl4TAo5eqdyIvE5ftp3S0vYddyZ4KUMR45588Q59M742hxAG67odLv6p27bpv8fHu%2F3bXvf1f0j%2FP%2B36%2Fdfu8NQt9qDaVsBLNSP9dOw%2F9LE3eEIFjwMXQ%2Brn7vHpj%2Fg0ztYeOqOQ9PHdd89H5v2HPdz6fi57gc17NvG%2BPjrnLiMVISLYtyBDG%2FFqpc%2FYbsIyuX8WwdZrv2GRF4qQYpERQTHiwK7UIByW6muCArsptCV7ywv8JC%2FQS7MDRduQRBYG5C3gmCD7NC1x5tr%2Bt4GeY7j2BtkIss0dUO8wEEnXQiWFIpFgvBFkkZzqO%2FbRo%2FYQyG09Gb1IxQG1pxWSm9JcqoexcGVpcLSEC8I55ETs7zkRIh5n1SOtbrXSzbwPGsCjc2lCnKjpvG3rhRCX2qJPAyt%2FoVjevMwlURIRW5LNc4P2NOUbsdeLMdBr4nAO8lZtuhI3w1OKRUSAw6m53ZqaA17Ie8jG2nnQgp4JT4U8TrOcdHsBi3KUWgyJWdJNR4tlJNYruPN0J7xMEzjETKpJ7%2BcAYuq8uw505IJCS02EayLvUK2GYswDCz6NwFvU3YO%2B1S3R200mnDMzWXynkQ4mmfw5BHm5Df7HlgmOg8yZllG4ovjDHBX%2B4fucGUt3EWW82bHro7z16aYkZxMG0NTBdeb8WCCPlw16w0GSXPCKrl%2BLLxCp6JdNrrjOr67aA%2FL8wDw%2FQeQ6pI1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=NRZcE1pKKgAL7lCtn71D8xp3A1oueNE1yo1Me064gAvvpLV2Nni42fpbNhOxfRrycSL9P27WtkpouKOK1XErCeckeiM%3D&duid=MTYzNDY1NDE0ODgzNzY2MjYwMg%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=230399225626626&ad-session-id=1062781634654147556&target-id=17555496&tga-with-creatives=1&pcode-version=45475&pcodever=45475&flash-ver=0&available-width=1364&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1364%2C%22h%22%3A0%2C%22width%22%3A1364%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A118%2C%22top%22%3A2564%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=276&grab=dO-7v--7v1NlY3VyaXR5IFdlZWsgNDI6INCw0YLQsNC60LAgTXlzdGVyeVNuYWlsINC4IHplcm8tZGF5INCyIFdpbmRvd3MKMlNlY3VyaXR5IFdlZWsgNDI6INCw0YLQsNC60LAgTXlzdGVyeVNuYWlsINC4IHplcm8tZGF5INCyIFdpbmRvd3MgKzkgCjPQp9GC0L4g0LXRidC1INC_0YDQvtC40LfQvtGI0LvQviAKM9Ca0L7QvNC80LXQvdGC0LDRgNC40LggKDApOiAK&uniformat=true&callback=Ya%5B1773516500630%5D
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
87.250.250.90 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
bs.yandex.ru
Software
/
Resource Hash
9196b60d8c3d08567e1730c77384a324a706df725226d3ae0a610b56c2cac747
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itnan.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
gzip
last-modified
Tue, 19 Oct 2021 14:35:47 GMT
p3p
CP="NOI DEVa TAIa OUR BUS UNI STA"
x-yandex-req-id
1634654147597304-763860614480945229600342-production-app-host-sas-pcode-163
strict-transport-security
max-age=31536000
content-type
text/html; charset=windows-1251
access-control-allow-origin
https://itnan.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
timing-allow-origin
*
x-xss-protection
1; mode=block
expires
Tue, 19 Oct 2021 14:35:47 GMT
add7bc2c1b1dbdc32f6f.js
yastatic.net/partner-code-bundles/45475/ 		616 KB
125 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/45475/add7bc2c1b1dbdc32f6f.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
a26c8e8d3867cb6b70363852151a9f2d41ea40deca52b8183ea12f0b5ac99e6a
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://itnan.ru/
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
127681
last-modified
Mon, 18 Oct 2021 17:05:29 GMT
server
nginx/1.17.9
etag
"4272c91dc68f7285ed6dd076c7d6e5bc"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2051 21:09:30 GMT
d38b86c7aa3b4ddb89c9.js
yastatic.net/partner-code-bundles/45475/ 		337 KB
62 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/partner-code-bundles/45475/d38b86c7aa3b4ddb89c9.js
Requested by
Host: an.yandex.ru
URL: https://an.yandex.ru/system/context.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
178.154.131.217 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
static.yandex.net
Software
nginx/1.17.9 /
Resource Hash
956ea9d9ff85207b4b6c1d1419ee4f0d7cdb8be1c1aad97df366c069c8ac0662
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

Referer
https://itnan.ru/
Origin
https://itnan.ru
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
br
vary
Accept-Encoding
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
62572
last-modified
Mon, 18 Oct 2021 17:05:29 GMT
server
nginx/1.17.9
etag
"fb793bb47325bbc85db584e968c04e4a"
x-robots-tag
noindex, noarchive, nofollow
strict-transport-security
max-age=43200000; includeSubDomains;
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
text/javascript; charset=utf-8
access-control-allow-origin
*
cache-control
public, max-age=946708560
accept-ranges
bytes
timing-allow-origin
*
expires
Thu, 19 Oct 2051 21:09:30 GMT
1
mc.yandex.com/watch/30246399/
Redirect Chain
  • https://mc.yandex.com/watch/30246399?wmode=7&page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afp%3A439%3Afu%3...
  • https://mc.yandex.com/watch/30246399/1?wmode=7&page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afp%3A439%3Afu...
331 B
413 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/30246399/1?wmode=7&page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afp%3A439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A812727676108%3Ahid%3A499062346%3Az%3A0%3Ai%3A202101019143547%3Aet%3A1634654148%3Ac%3A1%3Arn%3A692190678%3Arqn%3A1%3Au%3A1634654148837662602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634654146921%3Ads%3A5%2C25%2C309%2C1%2C0%2C0%2C%2C114%2C2%2C%2C%2C%2C457%3Adsn%3A5%2C25%2C308%2C1%2C%2C0%2C%2C116%2C2%2C%2C%2C%2C457%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634654148%3At%3A%EF%BB%BF%EF%BB%BFSecurity%20Week%2042%3A%20%D0%B0%D1%82%D0%B0%D0%BA%D0%B0%20MysterySnail%20%D0%B8%20zero-day%20%D0%B2%20Windows&t=gdpr%2814%29ti%282%29
Requested by
Host: itnan.ru
URL: https://itnan.ru/post.php?c=1&p=584232
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
04d78500f8ef8b9d12208ac6d7fbab701bf4fad63961fc3ad9b774eace7245f7
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 19-Oct-2021 14:35:47 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itnan.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
331
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 14:35:47 GMT

Redirect headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:47 GMT
last-modified
Tue, 19-Oct-2021 14:35:47 GMT
location
/watch/30246399/1?wmode=7&page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afp%3A439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A0%3Als%3A812727676108%3Ahid%3A499062346%3Az%3A0%3Ai%3A202101019143547%3Aet%3A1634654148%3Ac%3A1%3Arn%3A692190678%3Arqn%3A1%3Au%3A1634654148837662602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1634654146921%3Ads%3A5%2C25%2C309%2C1%2C0%2C0%2C%2C114%2C2%2C%2C%2C%2C457%3Adsn%3A5%2C25%2C308%2C1%2C%2C0%2C%2C116%2C2%2C%2C%2C%2C457%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634654148%3At%3A%EF%BB%BF%EF%BB%BFSecurity%20Week%2042%3A%20%D0%B0%D1%82%D0%B0%D0%BA%D0%B0%20MysterySnail%20%D0%B8%20zero-day%20%D0%B2%20Windows&t=gdpr%2814%29ti%282%29
strict-transport-security
max-age=31536000
access-control-allow-origin
https://itnan.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 14:35:47 GMT
1
mc.yandex.com/watch/30246399/ 		43 B
100 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/30246399/1?page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A1%3Adp%3A1%3Als%3A812727676108%3Ahid%3A499062346%3Az%3A0%3Ai%3A202101019143547%3Aet%3A1634654148%3Ac%3A1%3Arn%3A773966056%3Arqn%3A2%3Au%3A1634654148837662602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634654146921%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634654148&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itnan.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:47 GMT
last-modified
Tue, 19-Oct-2021 14:35:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://itnan.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 14:35:47 GMT
212621
mc.yandex.com/watch/ 		312 B
346 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/212621?wmode=7&page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&nohit=1&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A2%3Adp%3A1%3Als%3A356200140832%3Ahid%3A499062346%3Az%3A0%3Ai%3A202101019143547%3Aet%3A1634654148%3Ac%3A1%3Arn%3A615091033%3Au%3A1634654148837662602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634654146921%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634654148%3At%3A%EF%BB%BF%EF%BB%BFSecurity%20Week%2042%3A%20%D0%B0%D1%82%D0%B0%D0%BA%D0%B0%20MysterySnail%20%D0%B8%20zero-day%20%D0%B2%20Windows&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
988e279526239a70ca349222cca686f41a006a073a61a107d8eaa136df8dad3b
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:47 GMT
x-content-type-options
nosniff
last-modified
Tue, 19-Oct-2021 14:35:47 GMT
strict-transport-security
max-age=31536000
content-type
application/json; charset=utf-8
access-control-allow-origin
https://itnan.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
312
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 14:35:47 GMT
1
mc.yandex.com/watch/212621/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/212621/1?page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&cnt-class=1&browser-info=pa%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afp%3A439%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A2%3Adp%3A1%3Als%3A356200140832%3Ahid%3A499062346%3Az%3A0%3Ai%3A202101019143547%3Aet%3A1634654148%3Ac%3A1%3Arn%3A790106017%3Arqn%3A1%3Au%3A1634654148837662602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634654146921%3Ads%3A5%2C25%2C309%2C1%2C0%2C0%2C%2C114%2C2%2C%2C%2C%2C457%3Adsn%3A5%2C25%2C308%2C1%2C%2C0%2C%2C116%2C2%2C%2C%2C%2C457%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634654148&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Referer
https://itnan.ru/
Accept-Language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Content-Type
application/x-www-form-urlencoded

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:47 GMT
last-modified
Tue, 19-Oct-2021 14:35:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://itnan.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 14:35:47 GMT
212621
mc.yandex.com/watch/ 		43 B
73 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/212621?page-url=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&cnt-class=1&browser-info=pv%3A1%3Aar%3A1%3Agdpr%3A14%3Avf%3A4phzhbdab9how441g%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A675%3Acn%3A2%3Adp%3A1%3Als%3A356200140832%3Ahid%3A499062346%3Az%3A0%3Ai%3A202101019143547%3Aet%3A1634654148%3Ac%3A1%3Arn%3A584273350%3Arqn%3A2%3Au%3A1634654148837662602%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Aeu%3A1%3Ans%3A1634654146921%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1634654148%3At%3A%EF%BB%BF%EF%BB%BFSecurity%20Week%2042%3A%20%D0%B0%D1%82%D0%B0%D0%BA%D0%B0%20MysterySnail%20%D0%B8%20zero-day%20%D0%B2%20Windows&t=gdpr(14)ti(2)
Requested by
Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/watch.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
77.88.21.119 , Russian Federation, ASN13238 (YANDEX, RU),
Reverse DNS
mc.yandex.ru
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:47 GMT
last-modified
Tue, 19-Oct-2021 14:35:47 GMT
strict-transport-security
max-age=31536000
content-type
image/gif
access-control-allow-origin
https://itnan.ru
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
43
x-xss-protection
1; mode=block
expires
Tue, 19-Oct-2021 14:35:47 GMT
sodar
pagead2.googlesyndication.com/getconfig/ 		11 KB
8 KB 		XHR
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20211013&st=env
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
a4dd8fa4b48fea11e0b0f1a5f66c5f3a8f7390bf5f2e441d4298269a6101b66a
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

timing-allow-origin
*
date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
cafe
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin
*
cache-control
private
cross-origin-resource-policy
cross-origin
content-disposition
attachment; filename="f.txt"
content-type
application/json; charset=UTF-8
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
8522
x-xss-protection
0
process
share.pluso.ru/ 		130 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&w=1600&h=1200&ref=&uid=5900226606685286317&k=pT92fEkuApi6bu1w&first=1
Requested by
Host: share.pluso.ru
URL: https://share.pluso.ru/pluso-like.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.90 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx /
Resource Hash
783d761e7033b02b9571f6cab5f4b1117fd71c649ce0456e2984761e5f9b2f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
X-XSS-Protection
1; mode=block
Expires
Fri, 22 Oct 2021 14:35:47 GMT
process
share.pluso.ru/ 		130 B
601 B 		Script
General
Check archive.org
Download Go to
Full URL
https://share.pluso.ru/process?act=counter&u=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&w=1600&h=1200&ref=&uid=5900226606685286317&k=60NOHaDKhZ2NK0Fn
Requested by
Host: share.pluso.ru
URL: https://share.pluso.ru/pluso-like.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.90 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx /
Resource Hash
783d761e7033b02b9571f6cab5f4b1117fd71c649ce0456e2984761e5f9b2f70
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Server
nginx
Vary
Accept-Encoding
Content-Type
application/javascript
Cache-Control
max-age=259200
Transfer-Encoding
chunked
Connection
keep-alive
Keep-Alive
timeout=5
X-XSS-Protection
1; mode=block
Expires
Fri, 22 Oct 2021 14:35:47 GMT
hit;PLUSO
counter.yadro.ru/
Redirect Chain
  • https://counter.yadro.ru/hit;PLUSO?r;s1600*1200*24;uhttps%3A//itnan.ru/post.php%3Fc%3D1%26p%3D584232;h%uFEFF%uFEFFSecurity%20Week%2042%3A%20%u0430%u0442%u0430%u043A%u0430%20MysterySnail%20%u0438%20...
  • https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//itnan.ru/post.php%3Fc%3D1%26p%3D584232;h%uFEFF%uFEFFSecurity%20Week%2042%3A%20%u0430%u0442%u0430%u043A%u0430%20MysterySnail%20%u0438%...
43 B
528 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//itnan.ru/post.php%3Fc%3D1%26p%3D584232;h%uFEFF%uFEFFSecurity%20Week%2042%3A%20%u0430%u0442%u0430%u043A%u0430%20MysterySnail%20%u0438%20zero-day%20%u0432%20Windows;1
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_ECDSA, AES_128_GCM
Server
88.212.201.216 , Russian Federation, ASN39134 (UNITEDNET, RU),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
Security Headers
Name Value
Strict-Transport-Security max-age=86400

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 14:35:48 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Access-Control-Allow-Origin
*
Cache-control
no-cache
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
Expires
Sun, 18 Oct 2020 21:00:00 GMT

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 14:35:47 GMT
Server
nginx/1.17.9
Strict-Transport-Security
max-age=86400
P3P
policyref="/w3c/p3p.xml", CP="UNI"
Location
https://counter.yadro.ru/hit;PLUSO?q;r;s1600*1200*24;uhttps%3A//itnan.ru/post.php%3Fc%3D1%26p%3D584232;h%uFEFF%uFEFFSecurity%20Week%2042%3A%20%u0430%u0442%u0430%u043A%u0430%20MysterySnail%20%u0438%20zero-day%20%u0432%20Windows;1
Cache-control
no-cache
Connection
keep-alive
Content-Type
text/html
Content-Length
32
Expires
Sun, 18 Oct 2020 21:00:00 GMT
06.png
share.pluso.ru/img/pluso-like/square/medium/ 		23 KB
23 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://share.pluso.ru/img/pluso-like/square/medium/06.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.90 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx /
Resource Hash
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2015 11:02:40 GMT
Server
nginx
ETag
"552ba250-5b8f"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
23439
X-XSS-Protection
1; mode=block
plus.png
share.pluso.ru/img/ 		2 KB
3 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://share.pluso.ru/img/plus.png
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.90 St Petersburg, Russian Federation, ASN50340 (SELECTEL-MSK, RU),
Reverse DNS
Software
nginx /
Resource Hash
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:47 GMT
X-Content-Type-Options
nosniff
Last-Modified
Mon, 13 Apr 2015 11:02:40 GMT
Server
nginx
ETag
"552ba250-98a"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Keep-Alive
timeout=5
Content-Length
2442
X-XSS-Protection
1; mode=block
kb.js
kitbit.net/ 		1 KB
2 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://kitbit.net/kb.js
Requested by
Host: share.pluso.ru
URL: https://share.pluso.ru/pluso-like.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.94 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
f6480760cf4dd957c58150ae08d65c5ea5b38a68a6eeb20db7ddd24af6535df1
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:33:51 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
H4P8XmFu10+GBwsvznY8Ag==
Transfer-Encoding
chunked
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control
max-age=21600, private
Connection
keep-alive
Content-Type
application/javascript
X-XSS-Protection
1; mode=block
Expires
Tue, 19 Oct 2021 20:33:51 GMT
sodar2.js
tpc.googlesyndication.com/sodar/ 		17 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2.js
Requested by
Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202110130101/show_ads_impl_fy2019.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:47 GMT
content-encoding
gzip
x-content-type-options
nosniff
server
sffe
etag
"1624308425655142"
vary
Accept-Encoding
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type
text/javascript
cache-control
private, max-age=3000
accept-ranges
bytes
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
6467
x-xss-protection
0
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
expires
Tue, 19 Oct 2021 14:35:47 GMT
runner.html
tpc.googlesyndication.com/sodar/sodar2/224/ Frame 5EDD 		12 KB
5 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.184.225 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s12-in-f1.1e100.net
Software
sffe /
Resource Hash
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

:method
GET
:authority
tpc.googlesyndication.com
:scheme
https
:path
/sodar/sodar2/224/runner.html
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://itnan.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/

Response headers

accept-ranges
bytes
vary
Accept-Encoding
content-encoding
gzip
content-type
text/html
cross-origin-resource-policy
cross-origin
cross-origin-opener-policy-report-only
same-origin; report-to="adspam-signals-scs"
report-to
{"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-length
5029
date
Tue, 19 Oct 2021 14:34:04 GMT
expires
Wed, 19 Oct 2022 14:34:04 GMT
last-modified
Wed, 02 Jun 2021 17:09:45 GMT
x-content-type-options
nosniff
server
sffe
x-xss-protection
0
cache-control
public, max-age=31536000
age
103
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
aframe
www.google.com/recaptcha/api2/ Frame 6CF4 		783 B
1 KB 		Document
General
Check archive.org
Download Go to
Full URL
https://www.google.com/recaptcha/api2/aframe
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
142.250.185.228 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra16s53-in-f4.1e100.net
Software
GSE /
Resource Hash
cb7f3c795a4867454af57a3769f3d55bfd10620729e56ee979817b0633e969ad
Security Headers
Name Value
Content-Security-Policy script-src 'report-sample' 'nonce-coexSyfGKo7n686JBuDGgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

:method
GET
:authority
www.google.com
:scheme
https
:path
/recaptcha/api2/aframe
pragma
no-cache
cache-control
no-cache
upgrade-insecure-requests
1
user-agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
accept-language
de-DE,de;q=0.9
accept
text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site
cross-site
sec-fetch-mode
navigate
sec-fetch-dest
iframe
referer
https://itnan.ru/
accept-encoding
gzip, deflate, br
Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36
Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/

Response headers

cross-origin-resource-policy
cross-origin
cross-origin-embedder-policy-report-only
require-corp; report-to="recaptcha"
report-to
{"group":"recaptcha","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/recaptcha"}]}
expires
Tue, 19 Oct 2021 14:35:47 GMT
date
Tue, 19 Oct 2021 14:35:47 GMT
cache-control
private, max-age=300
content-type
text/html; charset=utf-8
content-security-policy
script-src 'report-sample' 'nonce-coexSyfGKo7n686JBuDGgQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri https://csp.withgoogle.com/csp/recaptcha/1
content-encoding
gzip
x-content-type-options
nosniff
x-xss-protection
1; mode=block
content-length
512
server
GSE
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
sodar
pagead2.googlesyndication.com/pagead/ Frame 6CF4 		0
0 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/sodar?id=sodar2&v=224&li=gda_r20211013&jk=2806900943440570&rc=
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
/
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://www.google.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers
YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
pagead2.googlesyndication.com/bg/ Frame 5EDD 		35 KB
13 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://pagead2.googlesyndication.com/bg/YBeW4A8KRQKaUXRhZhiUEBaonRmLgznW2QKT5Kp-z2M.js
Requested by
Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/224/runner.html
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
sffe /
Resource Hash
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://tpc.googlesyndication.com/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 10:15:46 GMT
content-encoding
br
x-content-type-options
nosniff
age
15601
content-security-policy-report-only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy
cross-origin
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
13430
x-xss-protection
0
last-modified
Mon, 11 Oct 2021 11:08:00 GMT
server
sffe
vary
Accept-Encoding
report-to
{"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type
text/javascript
cache-control
public, max-age=31536000
accept-ranges
bytes
cross-origin-opener-policy-report-only
same-origin; report-to="botguard-scs"
expires
Wed, 19 Oct 2022 10:15:46 GMT
adcm.js
tag.digitaltarget.ru/ 		3 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/adcm.js
Requested by
Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:48 GMT
Last-Modified
Thu, 14 Oct 2021 23:50:04 GMT
Server
nginx
ETag
"6168c22c-beb"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
3051
s.js
kitbit.net/ 		1 B
303 B 		Script
General
Check archive.org
Download Go to
Full URL
https://kitbit.net/s.js?u=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232
Requested by
Host: kitbit.net
URL: https://kitbit.net/kb.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.94 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:33:51 GMT
X-Content-Type-Options
nosniff
Server
nginx
Transfer-Encoding
chunked
Content-Type
application/javascript
Cache-Control
no-cache
Connection
keep-alive
X-XSS-Protection
1; mode=block
Expires
Tue, 19 Oct 2021 14:33:50 GMT
h.gif
kitbit.net/ 		43 B
537 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://kitbit.net/h.gif?r=&s=1600*1200*24&u=https%3A//itnan.ru/post.php%3Fc%3D1%26p%3D584232&h=%uFEFF%uFEFFSecurity%20Week%2042%3A%20%u0430%u0442%u0430%u043A%u0430%20MysterySnail%20%u0438%20zero-day%20%u0432%20Windows%26kbuid%3D5EFC831F4FD76E612F0B0786023C76CE
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
31.131.252.94 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),
Reverse DNS
Software
nginx /
Resource Hash
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:33:51 GMT
X-Content-Type-Options
nosniff
Server
nginx
ETag
H4P8XmFu10+GBwsvznZAAg==
P3P
CP="NOI DSP COR NID CUR PSA OUR NOR"
Cache-Control
max-age=0, private, must-revalidate
Connection
keep-alive
Content-Type
image/gif
Content-Length
43
X-XSS-Protection
1; mode=block
Expires
Tue, 19 Oct 2021 14:33:51 GMT
cro
optinder.com/
Redirect Chain
  • https://p1.ntvk1.ru/nps
  • https://optinder.com/cro
0
531 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://optinder.com/cro
Protocol
H2
Security
TLS 1.3, , AES_128_GCM
Server
104.21.21.220 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software
cloudflare /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

date
Tue, 19 Oct 2021 14:35:48 GMT
cf-cache-status
DYNAMIC
nel
{"success_fraction":0,"report_to":"cf-nel","max_age":604800}
server
cloudflare
expect-ct
max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
report-to
{"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=z0FiApMK75HKA5lD1gI6yasKKQGwpg266pZREZMjKFVocCFhXW%2F%2B5ak09XKbManj1A2na9A2jubcvs7XGuIZeu7XgjCcMszE8yx7NdXoP68w4xS6zFiBT47ROa82Ek8%3D"}],"group":"cf-nel","max_age":604800}
content-type
application/octet-stream
cf-ray
6a0abc2a59b24e5b-FRA
alt-svc
h3=":443"; ma=86400, h3-29=":443"; ma=86400, h3-28=":443"; ma=86400, h3-27=":443"; ma=86400
content-length
0

Redirect headers

x-77-nzt
Abk73BBLbZSB
date
Tue, 19 Oct 2021 14:35:48 GMT
last-modified
Tue, 19 Oct 2021 14:35:47 GMT
server
CDN77-Turbo
x-77-nzt-ray
V3Oo9vVTPKU=
x-77-cache
MISS
content-type
text/html; charset=UTF-8
location
//optinder.com/cro
cache-control
no-cache, no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0, post-check=0, pre-check=0
x-cache
MISS
x-77-pop
frankfurtDE
content-length
0
x-request-id
606098883-1-1634654148.162
expires
Tue, 19 Oct 2021 14:35:47 GMT
sud
ut9.rktch.com/ 		88 B
88 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://ut9.rktch.com/sud
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server
89.108.97.2 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
d50603.reg.regrucolo.ru
Software
nginx/1.18.0 /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:48 GMT
Server
nginx/1.18.0
Connection
keep-alive
Content-Length
88
Content-Type
image/png
gen_204
pagead2.googlesyndication.com/pagead/ 		0
20 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=224&t=2&li=gda_r20211013&jk=2806900943440570&bg=!UVKlUhbNAAao6lBpqOo7ACkAdvg8WiCJm3j9j6bH2H5Qx4C7XDRU7f1NUFArzvSgWNfyD-BzlcjoIQIAAABpUgAAAA1oAQcKAJ3Z6h5numm73TmKy2dAeLPqfTLVCDER3b3G38yhwySSzwkG-ORU7ISuDJGL7-WfXTCK047X4kstN_fCrwaG_j8BPGFhU5-pn0ISiL7sn3OX-rZk0Vvb3w2R_vGiDFu6gPK-4df3Ld7mykLoy11a51wKnnk2eV-pQPK6YaNpfP1QBFULNUyjqNH-4P7keKEhsQvxMnIAWayyn30lsv3OmQKpX_2wctgUmfN9eFTUgVL8VEn95gdAP9a-X5Ujqdn9FirHmOS4MnhQ7dI1_vSZIFOLrD-jvNMiL0X5hLcRUb5CYFNfyLOjZy-8kUZuY16jaj27wGLuqq0vuqCe6dLLq_pYx6UiDlSmc3enABel6p0tmikaaeqvIJE3BWpDCvvs9Dkids_1g-220TDzF4lt82two5AyXYO3C_qZ8AWpOWanPdsk3PMGvP3ksfzcPWiHzU_U-j53xEEaURQB1tjZurbe8qEF31j97KNASjjm_TVxqpKJL1-GB4fK_rEf1wgyCjoh4MuJWsYToM7T84rFKfDZ7hILnqn8obWsY61qChDldqCv2dqGtUKodnOJ8Lh32hVcBdeDsv9JEj1yEfGcBZCQW6rTCy1S59hJL15nZ06JHjU0z31MZ6LqzsvByySm_5IiKbHyJBjg0Kw48hvAvqD5sW-bSWNc2OJOobEumxew5rDXrBcMmgD6ebMAwO_nG-yIoQdWqonNr3uU8p0gzRi4WjMktOJps3GYle15unSZOb5436D6gj4EwybtWnwwm14LNZOjzLEoraQx3CR1aPUF5h4Ye3xHS-0q1_ecE8AL49x0JYKyv9cFnFecPbgYMcQBeEsGNjw-w1w0SdrgeaQdNR-hJzx4zK4rlT19FsAx3inB8Yi-LIm9BBc2zmdimTSO1N15LszOo8QuC1frJq_xp29XY3ujtpchmZ6rRH78TT2KWvVdW3DC9mSNW5YYkD2vxMI_OGBSl9GjETHuLUppTUaxzwzT-3C3MEVAJ68dRPqh4Qlx1pbbhFtikiADE3K6bGuXhvK4Bym64MnFh9vsaMLCawsrOrEPIgY55ayAV4297bR5rU12nbrRIdtRtOSn1DeGsHLWV1YCpizkGh5cTOnVnpqWyfXH
Protocol
H3
Security
QUIC, , AES_128_GCM
Server
142.250.186.130 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
fra24s07-in-f2.1e100.net
Software
cafe /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

pragma
no-cache
date
Tue, 19 Oct 2021 14:35:48 GMT
x-content-type-options
nosniff
server
cafe
timing-allow-origin
*
p3p
policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control
no-cache, must-revalidate
cross-origin-resource-policy
cross-origin
content-type
image/gif
alt-svc
h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length
0
x-xss-protection
0
expires
Fri, 01 Jan 1990 00:00:00 GMT
processor.js
tag.digitaltarget.ru/ 		15 KB
15 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/processor.js?i=284679620673234
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:48 GMT
Last-Modified
Thu, 14 Oct 2021 23:50:04 GMT
Server
nginx
ETag
"6168c22c-3cc1"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
15553
extension_1086.js
tag.digitaltarget.ru/extensions/ 		475 B
719 B 		Script
General
Check archive.org
Download Go to
Full URL
https://tag.digitaltarget.ru/extensions/extension_1086.js?i=758088048674481
Requested by
Host: tag.digitaltarget.ru
URL: https://tag.digitaltarget.ru/adcm.js
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.132 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
ea5267ab8f48df1f085df89f320a63ffe30ae68c5b02d85ec0437e4cdcb6b7de

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:48 GMT
Last-Modified
Thu, 14 Oct 2021 23:50:05 GMT
Server
nginx
ETag
"6168c22d-1db"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
475
i
dmg.digitaltarget.ru/1/7259/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/7259/i/i?i=69443963865716.170782369278673&c=tg:adcm_pc
  • https://dmg.digitaltarget.ru/1/7259/i/i?i=69443963865716.170782369278673&c=tg:adcm_pc&q=scc
0
452 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/7259/i/i?i=69443963865716.170782369278673&c=tg:adcm_pc&q=scc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:48 GMT
Server
nginx
Connection
keep-alive
Content-Type
Not found: placement 7259
Transfer-Encoding
chunked
P3P
policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location
/1/7259/i/i?i=69443963865716.170782369278673&c=tg:adcm_pc&q=scc
Date
Tue, 19 Oct 2021 14:35:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
policyref="http://dmg.digitaltarget.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"
i
fnc.rt.ru/1/6532/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/6534/i/i?i=69443963865716.759575527636941&c=tg:adcm_pc
  • https://dmg.digitaltarget.ru/awg/custom/6534/i/i?call_source=awg&i=69443963865716.759575527636941&c=tg:adcm_pc
  • https://fnc.rt.ru/1/6532/i/i?i=VK3oorZoYPVUZXn7WuXy&c=tg:rds_6534
  • https://fnc.rt.ru/1/6532/i/i?i=VK3oorZoYPVUZXn7WuXy&c=tg:rds_6534&q=scc
0
430 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://fnc.rt.ru/1/6532/i/i?i=VK3oorZoYPVUZXn7WuXy&c=tg:rds_6534&q=scc
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.137 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:48 GMT
Server
nginx
Connection
keep-alive
Content-Type
Not found: placement 6532
Transfer-Encoding
chunked
P3P
policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"

Redirect headers

Location
/1/6532/i/i?i=VK3oorZoYPVUZXn7WuXy&c=tg:rds_6534&q=scc
Date
Tue, 19 Oct 2021 14:35:48 GMT
Server
nginx
Connection
keep-alive
Content-Length
0
P3P
policyref="http://fnc.rt.ru/p3p.xml", CP="NON NID PSAa PSDa OUR BUS COM NAV DEM STA PRE"
i
dmg.digitaltarget.ru/1/6401/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1086/i/i?i=69443963865716.760847946187742&a=86&e=5EFC831F4FD76E612F0B0786023C76CE&c=ss:86.up:5EFC831F4FD76E612F0B0786023C76CE.sync:up.xdua:duCM4xBq1m_f9Xkt_u59bsI6.xp...
  • https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=69443963865716.760847946187742&a=86&e=5EFC831F4FD76E612F0B0786023C76CE&c=ss:86.up:5EFC831F4FD76E612F0B0786023C76CE.sync:up.xdua:du...
  • https://matcher.upravel.com/m?id=cP37miK4cb9Zcfc7vg2s&src=amberdata&redirect=%2F%2Fdmg.digitaltarget.ru%2F1%2F6401%2Fi%2Fi%3F%26a%3D685%26e%3D%7BUSER_ID%7D%26rds%3D1086
  • https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=e3f49670-c1ed-4b62-8068-0428c3b9dd9f&rds=1086
49 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=e3f49670-c1ed-4b62-8068-0428c3b9dd9f&rds=1086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
38
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

date
Tue, 19 Oct 2021 14:35:48 GMT
server
nginx
location
https://dmg.digitaltarget.ru/1/6401/i/i?&a=685&e=e3f49670-c1ed-4b62-8068-0428c3b9dd9f&rds=1086
access-control-allow-methods
GET, POST, OPTIONS
access-control-allow-origin
*
access-control-expose-headers
Content-Length,Content-Range
access-control-allow-credentials
true
access-control-allow-headers
DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range
content-length
0
i
dmg.digitaltarget.ru/1/2016/i/
Redirect Chain
  • https://dmg.digitaltarget.ru/1/1086/i/i?i=69443963865716.200585985521676&a=86&e=5EFC831F4FD76E612F0B0786023C76CE&c=ss:86.up:5EFC831F4FD76E612F0B0786023C76CE.sync:up.xdua:duCM4xBq1m_f9Xkt_u59bsI6.xp...
  • https://dmg.digitaltarget.ru/awg/custom/1086/i/i?call_source=awg&i=69443963865716.200585985521676&a=86&e=5EFC831F4FD76E612F0B0786023C76CE&c=ss:86.up:5EFC831F4FD76E612F0B0786023C76CE.sync:up.xdua:du...
  • https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086
  • https://cm.p.altergeo.ru/pixel?url=https%3A%2F%2Fdmg.digitaltarget.ru%2F1%2F2016%2Fi%2Fi%3Fa%3D216%26e%3D%24%7BUSER_ID%7D%26c%3Dpc%3A%24%7BCATS_ID%7D%26i%3D%24%7BRANDOM%7D%26rds%3D1086&cc=1
  • https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMCnvw+j5CTOSfBwVHpB98wQ==&c=pc:&i=acf8a690&rds=1086
49 B
603 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMCnvw+j5CTOSfBwVHpB98wQ==&c=pc:&i=acf8a690&rds=1086
Protocol
HTTP/1.1
Security
TLS 1.2, ECDHE_RSA, AES_128_GCM
Server
185.15.175.145 , Russian Federation, ASN43226 (SAFEDATA Uplinks, RU),
Reverse DNS
Software
nginx /
Resource Hash
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options DENY
X-Xss-Protection 1; mode=block

Request headers

Accept-Language
de-DE,de;q=0.9
Referer
https://itnan.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.63 Safari/537.36

Response headers

Date
Tue, 19 Oct 2021 14:35:48 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
X-Permitted-Cross-Domain-Policies
master-only
Request-Time
25
Connection
keep-alive
Vary
Accept-Encoding
Content-Length
64
X-XSS-Protection
1; mode=block
Referrer-Policy
origin-when-cross-origin, strict-origin-when-cross-origin
Server
nginx
X-Frame-Options
DENY
Access-Control-Max-Age
86400
Access-Control-Allow-Methods
GET, POST, OPTIONS
Content-Type
image/gif
Access-Control-Allow-Credentials
true

Redirect headers

Pragma
no-cache
Date
Tue, 19 Oct 2021 14:35:48 GMT
Server
nginx/1.16.0
P3P
CP="NOI DSP COR NID CURa ADMa DEVa PSAa PSDa OUR BUS COM INT OTC PUR STA"
Location
https://dmg.digitaltarget.ru/1/2016/i/i?a=216&e=CMCnvw+j5CTOSfBwVHpB98wQ==&c=pc:&i=acf8a690&rds=1086
Cache-Control
max-age=0, no-cache, no-store
Connection
close
Content-Length
0
Expires
Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

77 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| 0 object| 1 object| 2 object| 3 object| 4 object| onbeforexrselect boolean| originAgentCluster object| adsbygoogle object| html5 object| Modernizr function| yepnope number| ifpluso object| yandexContextAsyncCallbacks string| GoogleAnalyticsObject function| ga function| $ function| jQuery object| jQuery1102036005883710183695 object| google_js_reporting_queue number| google_srt object| google_logging_queue object| google_ad_modifications object| ggeac boolean| google_measure_js_timing object| google_reactive_ads_global_state boolean| _gfp_a_ object| google_sa_queue object| google_sl_win function| google_process_slots function| google_spfd number| google_unique_id object| google_sv_map number| google_lpabyc string| google_user_agent_client_hint object| google_tag_data object| gaplugins object| gaGlobal object| gaData function| Goog_AdSense_getAdAdapterInstance function| Goog_AdSense_OsdAdapter function| google_sa_impl object| google_persistent_state_async object| googleToken object| googleIMState boolean| _gfp_p_ function| processGoogleToken number| google_global_correlator object| google_prev_clients object| ampInaboxIframes object| ampInaboxPendingMessages object| Ya object| yaCounter30246399 object| pcodeJsonp45475tHX2p8sSzq number| pr function| AdFox_getCodeScript object| adfoxAsyncParams object| adfoxAsyncParamsScroll object| adfoxAsyncParamsAdaptive object| yaSafeFrameCallbacksStorage boolean| isLoadingSafeframeStarted object| __pcodeAllActiveTestIds object| ya boolean| yandex_context_perf_logging object| layoutConfig object| pluso object| yaCounter212621 object| $sf object| yaSafeFrameAsyncCallbacks object| k string| pt object| s object| GoogleGcLKhOms object| adcm_config object| a object| m object| google_image_requests object| adcm

25 Cookies

Domain/Path Name / Value
.itnan.ru/ Name: _ga
Value: GA1.2.504054274.1634654147
.itnan.ru/ Name: _gid
Value: GA1.2.46580742.1634654147
.itnan.ru/ Name: _gat
Value: 1
.itnan.ru/ Name: _ym_uid
Value: 1634654148837662602
.itnan.ru/ Name: _ym_d
Value: 1634654148
.itnan.ru/ Name: __gads
Value: ID=42393706d45f9e10-2217be5ef9ca0011:T=1634654147:RT=1634654147:S=ALNI_MZoGtk6ihZDHqwtL6QLSJIwMQemjQ
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1683360089fake
.itnan.ru/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 3999712115fake
.doubleclick.net/ Name: test_cookie
Value: CheckForPermission
.yandex.ru/ Name: i
Value: BpZ66ocDSRKhX78av3vTwJhmGZgfgORhgoX3o1iApwTKKwPzLzy/kXArnp7mDEvMCecYi4PyMQ0/ggCjE3hQ1jKgcuA=
.yandex.com/ Name: yandexuid
Value: 3556830331634654147
.yandex.com/ Name: yuidss
Value: 3556830331634654147
mc.yandex.com/ Name: yabs-sid
Value: 2654781361634654147
.yandex.com/ Name: i
Value: PKUzYtFJFnCtgGBFvyld/qsYCN2gQ8imDIjbkfINUjnr+cnBZ4yZS0dpIAtr0ZPEvsPg0Y+IbiavHae5v93bU6RoIbQ=
.yandex.com/ Name: ymex
Value: 1666190147.yrts.1634654147#1666190147.yrtsi.1634654147
.yadro.ru/ Name: FTID
Value: 1XRjV32J7EOB1XRjV30005Tq
.yadro.ru/ Name: VID
Value: 1Cbapl32W1uB1XRjV40005ZE
.rktch.com/ Name: b_uid
Value: 77edd8bfddb9b57e465111db0c0975e64f58
itnan.ru/ Name: _a_d3t6sf
Value: duCM4xBq1m_f9Xkt_u59bsI6
.dmg.digitaltarget.ru/ Name: visessid
Value: d97acc33_17bebb34584_00000000000d92e2
.dmg.digitaltarget.ru/ Name: viuserid
Value: cP37miK4cb9Zcfc7vg2s
.upravel.com/ Name: user_id
Value: e3f49670-c1ed-4b62-8068-0428c3b9dd9f
.fnc.rt.ru/ Name: visessid
Value: 18c31511_17c808f7040_00000000000414f2
.fnc.rt.ru/ Name: viuserid
Value: 4gdCsKgq5RlY5555F7hS

4 Console Messages

Source Level URL
Text
network error URL: https://an.yandex.ru/meta/212621?target-ref=https%3A%2F%2Fitnan.ru%2Fpost.php%3Fc%3D1%26p%3D584232&charset=utf-8&pcode-test-ids=428758%2C0%2C19%3B434063%2C0%2C75%3B437232%2C0%2C55%3B434521%2C0%2C64%3B430931%2C0%2C82%3B436638%2C0%2C31%3B400734%2C0%2C62%3B438102%2C0%2C66%3B434214%2C0%2C17%3B429815%2C0%2C60%3B438207%2C0%2C2%3B438213%2C0%2C74%3B439166%2C0%2C6&pcode-flags-map=eJyNVV1vnDgU%2FS88T1ZgvvtmwMxYBYxsk6QbVRZJ6O5IdIgYUu226n%2FvBSbpmGlo5wEGwznn3uN7r78ZpMBRRlTMEhILdbOjkmRUSOPd3TfjS90%2BN8Y7Q%2FKKGBtjaI4DfYRnB4WmGxrfP26MhIoJn5AUV5lUckdyokheyg8qqTiWlBW%2F5fLtiSsnCcUqpUAXUQlYokpOGafAleJYMq4xmX%2BZ48%2B6YHMmtmuWVRBKVEnJCoULml8GMyd%2FQeBPBFVBU8YB9SeQ2Y14h4stmJnR%2BD1YwVm13amMbWmscUAuEMlLaC85apw28hGa88BCCTmZfE24WKbg2IHtmTo2dEx3wuIkZbcq57G6poJGNButBMkpQI2m%2Be9Jz8m3bfPFhozhhHAFbiicl%2Be4oX9uNFhghyeYIEoIrmixxFxqvYLSKssmVEl4TAo5eqdyIvE5ftp3S0vYddyZ4KUMR45588Q59M742hxAG67odLv6p27bpv8fHu%2F3bXvf1f0j%2FP%2B36%2Fdfu8NQt9qDaVsBLNSP9dOw%2F9LE3eEIFjwMXQ%2Brn7vHpj%2Fg0ztYeOqOQ9PHdd89H5v2HPdz6fi57gc17NvG%2BPjrnLiMVISLYtyBDG%2FFqpc%2FYbsIyuX8WwdZrv2GRF4qQYpERQTHiwK7UIByW6muCArsptCV7ywv8JC%2FQS7MDRduQRBYG5C3gmCD7NC1x5tr%2Bt4GeY7j2BtkIss0dUO8wEEnXQiWFIpFgvBFkkZzqO%2FbRo%2FYQyG09Gb1IxQG1pxWSm9JcqoexcGVpcLSEC8I55ETs7zkRIh5n1SOtbrXSzbwPGsCjc2lCnKjpvG3rhRCX2qJPAyt%2FoVjevMwlURIRW5LNc4P2NOUbsdeLMdBr4nAO8lZtuhI3w1OKRUSAw6m53ZqaA17Ie8jG2nnQgp4JT4U8TrOcdHsBi3KUWgyJWdJNR4tlJNYruPN0J7xMEzjETKpJ7%2BcAYuq8uw505IJCS02EayLvUK2GYswDCz6NwFvU3YO%2B1S3R200mnDMzWXynkQ4mmfw5BHm5Df7HlgmOg8yZllG4ovjDHBX%2B4fucGUt3EWW82bHro7z16aYkZxMG0NTBdeb8WCCPlw16w0GSXPCKrl%2BLLxCp6JdNrrjOr67aA%2FL8wDw%2FQeQ6pI1&server-side-rendering-enabled-formats=zen%0Azen2%0Azen2-gallery%0Abillboard%0Ahorizontal%0Ahorizontal0318%0AadaptiveConstructor%0AmodernAdaptive%0AposterCarousel%0AadaptiveCarousel%0Asmart_tile&price-disabled-formats=adaptive0418%0Aadaptive%0AmodernAdaptive%0Ahorizontal%0Ahorizontal0318%0Agrid%0A160x600%0A240x400%0A200x300%0A300x300%0A300x250%0A250x250%0A728x90%0A1000x120%0A320x50%0A320x100%0A400x240%0A320x480%0A480x320%0A336x280%0A300x600%0A300x500%0A970x250%0A970x90&raw-smart-content=1&smart-format-names=smart-banner-adaptive_v1%0Asmart-banner-mosaic_v1&pcode-icookie=NRZcE1pKKgAL7lCtn71D8xp3A1oueNE1yo1Me064gAvvpLV2Nni42fpbNhOxfRrycSL9P27WtkpouKOK1XErCeckeiM%3D&duid=MTYzNDY1NDE0ODgzNzY2MjYwMg%3D%3D&imp-id=1&enable-flat-highlight=1&comboblock-unencoded-vast=1&test-tag=230399225626626&ad-session-id=1062781634654147556&target-id=17555496&tga-with-creatives=1&pcode-version=45475&pcodever=45475&flash-ver=0&available-width=1364&layout-config=%7B%22win_width%22%3A1600%2C%22win_height%22%3A1200%2C%22pixel_ratio%22%3A1%2C%22bandwidth%22%3A9.4%2C%22w%22%3A1364%2C%22h%22%3A0%2C%22width%22%3A1364%2C%22height%22%3A0%2C%22visible%22%3A0%2C%22left%22%3A118%2C%22top%22%3A2564%2C%22fontFamily%22%3A%22roboto%22%2C%22ad_no%22%3A0%2C%22req_no%22%3A0%7D&grab-orig-len=276&grab=dO-7v--7v1NlY3VyaXR5IFdlZWsgNDI6INCw0YLQsNC60LAgTXlzdGVyeVNuYWlsINC4IHplcm8tZGF5INCyIFdpbmRvd3MKMlNlY3VyaXR5IFdlZWsgNDI6INCw0YLQsNC60LAgTXlzdGVyeVNuYWlsINC4IHplcm8tZGF5INCyIFdpbmRvd3MgKzkgCjPQp9GC0L4g0LXRidC1INC_0YDQvtC40LfQvtGI0LvQviAKM9Ca0L7QvNC80LXQvdGC0LDRgNC40LggKDApOiAK&uniformat=true&callback=Ya%5B1773516500630%5D
Message:
Failed to load resource: the server responded with a status of 404 ()
network error URL: https://mc.yandex.com/sync_cookie_image_decide?token=9431.b9ha1egz-tPDB0d0KxRLqpdOfG8_gUsrB5OEd9RPvuGjkyAtOPlRBFGRcBgwidLlre1bHRLsep466kfijkODYA%2C%2C.17XZKToBKUO6Tug16cpoJoEmQXo%2C
Message:
Failed to load resource: the server responded with a status of 400 ()
network error URL: https://dmg.digitaltarget.ru/1/7259/i/i?i=69443963865716.170782369278673&c=tg:adcm_pc&q=scc
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)
network error URL: https://fnc.rt.ru/1/6532/i/i?i=VK3oorZoYPVUZXn7WuXy&c=tg:rds_6534&q=scc
Message:
Failed to load resource: the server responded with a status of 404 (Not Found)

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header Value
Strict-Transport-Security max-age=31536000; preload

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

adservice.google.com
ajax.googleapis.com
an.yandex.ru
cm.p.altergeo.ru
counter.yadro.ru
dmg.digitaltarget.ru
fnc.rt.ru
googleads.g.doubleclick.net
habrastorage.org
hsto.org
itnan.ru
kitbit.net
matcher.upravel.com
mc.yandex.com
mc.yandex.ru
optinder.com
p1.ntvk1.ru
pagead2.googlesyndication.com
partner.googleadservices.com
share.pluso.ru
tag.digitaltarget.ru
tpc.googlesyndication.com
ut9.rktch.com
www.google-analytics.com
www.google.com
yastatic.net
104.21.21.220
104.26.12.161
138.201.139.144
142.250.181.226
142.250.184.225
142.250.184.234
142.250.185.228
142.250.185.238
142.250.186.130
168.119.167.24
172.217.16.130
178.154.131.217
185.15.175.132
185.15.175.137
185.15.175.145
185.59.220.17
31.131.252.90
31.131.252.94
77.88.21.119
82.192.95.170
87.250.250.90
88.212.201.216
89.108.97.2
94.130.25.91
04d78500f8ef8b9d12208ac6d7fbab701bf4fad63961fc3ad9b774eace7245f7
10c861bc88c25be1f3ee98f7652bc7fbb35857f42f923e00c6037b757c77685e
16f220ae22621d8aa737049dfc981fa456efa6347ee01210192b0dc3e8b0e3c1
1c4e7ed74d34e914d80f544d90fba1d8b7aedc27d92e7898562392846de2b58b
1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d
26b216fadb2ffcd542ca56c2d84f9918f62e40de89bf88b4211fffacd2a4ad83
291cca3bd4913e784747c9044649220bed8fc8cb9cf15d9af9db1e299d651b3e
2dfe28cbdb83f01c940de6a88ab86200154fd772d568035ac568664e52068363
32c37d3ef21fb4793c7a9f4f6adf7e5d597e7fd0d7b8a89f793bb0b34c44ee53
38b458870e9545f8512a1c0d9ce073e80d8dd2c2a087bb7bc4b969aac41521c4
40f2a96f78f4c8484e9da6e172f5ddd3e4d7786ca29e04b96e1067a365190e80
41b805ea7ac014e23556e98bb374702a08344268f92489a02f0880849394a1e4
4fa0156d693856f79289525c8e4db988a188d55ce0283351c96d811c7ce3e2c3
524e44c0169d7b4312df53ae9a3420d8847c3beca8caace06037161b5b37236b
530c9d56afb8f4b6283bd0c7b5eb61c40729e5bf197d3edfd21e0b1491261fe3
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
601796e00f0a45029a5174616618941016a89d198b8339d6d90293e4aa7ecf63
6b8235409bc9c0675fd63e85619444eb4e9aa07fc9ee2726cbb26a397747399d
6e63652214a0cbf519e042ceb1b2766fe30717f628e02c422a11bcac98e55c04
70dc71db05e73f02c2b3d0c6114a29021a6a575e39faa20a055d8635e0bf59bd
783d761e7033b02b9571f6cab5f4b1117fd71c649ce0456e2984761e5f9b2f70
784eb14774a9a419af32c02c2d16cf197ef2701afc2ea65b58c3a574ed5458bd
7c86a0916a2d25b15ee96be760403c78ed2333a62c19696f478eea6aa04a1968
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
851cdd9c8f9511cf3106740adf5f6462058c9e2274ffe0968ba64247578d3cd9
8810d6c611d19829306909c4bfdb67e8aa83b8693f9df31ae94e03ab2f52051a
899c755c9d85a6a8ba4acece77ec818e24c6aed4c9e34ab10575c67a1926bbaa
89a15e9c40bc6b14809f236ee8cd3ed1ea42393c1f6ca55c7855cd779b3f922e
8f297a42c731c5e6412ef47dff5d7697e142a28abe98d34b515951d40e5e9f7d
8f69e10876805b747a3ad08a818d46ac7e731b1af417ea6e259d9b6b7deb65c5
911caca5bc85cfb1d49a79f02766a49df9b9f21f6280300acab7d8496dac6516
9196b60d8c3d08567e1730c77384a324a706df725226d3ae0a610b56c2cac747
956ea9d9ff85207b4b6c1d1419ee4f0d7cdb8be1c1aad97df366c069c8ac0662
988e279526239a70ca349222cca686f41a006a073a61a107d8eaa136df8dad3b
9a6b50131cc9b2e010aafa2e58d6a1672df5781ebee2120a2e80e04db9d89007
a0357cb694b5284870c77c0dbcaf33f238004800419288afde313317b0dbd0b7
a048e640908046be06e00eab37742b5d5ff80964af58cfd22f7cb2de4dfe375f
a26c8e8d3867cb6b70363852151a9f2d41ea40deca52b8183ea12f0b5ac99e6a
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4dd8fa4b48fea11e0b0f1a5f66c5f3a8f7390bf5f2e441d4298269a6101b66a
a5ead9037af4a0e749e217f63b25a25493a7705e17d98f04b336ab1370a353db
a88d699bbf9f25fa9a614e4af43982e1096bd9f918a3f5adcaace243ae5cfebc
b12c1cd811f54d11bfdcb5e235e73934a8b8a7a85eafb8529117f9a5bb64ccf8
b64cba4910c07d3567812af1133b2044622a6fe818b5ddd0a87c412896afb898
b8a4ca75bda70815996c8e0cadaf33c04de2a192b8a640638f07814a7953fc6e
c98bfc997b6f14c9301cb80750de239febd6f778788734be5055f3c38598be79
ca8b950c8445a49a52cd5ed7b196ffbbb8087296f99e709eb7529aa50e9a926b
cb7f3c795a4867454af57a3769f3d55bfd10620729e56ee979817b0633e969ad
ccf9e049aa8bf49098f9c06cfacbe0aa6685ada9c88781f5c4c1cf5bc3531286
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d00f203352f44b1e5549752a31cc9998116210b59a217560090c01dd80f08719
d636f680b956f9fc59f321dea229ff4d5d6f86b22463809485f7b3e92c826bbd
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e559c1776e84e5be00a4527cc8eff3cc70c7325cccc46518f4925836573c9f53
e843ae28728902de46bcb8ad2623ab2a1caf63420d8ff94c3765030f1fc95f8d
ea5267ab8f48df1f085df89f320a63ffe30ae68c5b02d85ec0437e4cdcb6b7de
ecaf54043af605466fd9465aa2c331c2bcb5a0ab3e4cb9dc4ced21dc6e13f387
ed092eae1ee2625dda949b1a3ed58d405bfbd8b07c4a286c4792e6d419acaea8
f3d9d8c9546a285acc07e0609c73c8b05721c9822e93f6dc083ca3aa09baf9bf
f6480760cf4dd957c58150ae08d65c5ea5b38a68a6eeb20db7ddd24af6535df1
fa67be62b0c31f1c7ac251cebb7015c12022c7b05e49985ceac80e575a3a2b5b
fd222137f245c06ddb4c4d44db41f12138dad6cf8ef5d4d4a5e500f38f0c8c62