report2017.oprf.ru Open in urlscan Pro
195.208.58.49 Public Scan

Go To Rescan
Add Verdict Report

URL:
http://report2017.oprf.ru/
Submission Tags: oprf ru rf l4ing subleak Search All
Submission: On June 07 via manual (June 7th 2022, 1:27:30 am UTC) from UA — Scanned from DE

Summary HTTP 60 Redirects Links 1 Behaviour Indicators

Summary

This website contacted 17 IPs in 3 countries across 14 domains to perform 60 HTTP transactions. The main IP is 195.208.58.49, located in Ramenskoye, Russian Federation and belongs to SPARKTELL-NET, RU. The main domain is report2017.oprf.ru.

This is the only time report2017.oprf.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	195.208.58.49 195.208.58.49	199624 (SPARKTELL...) (SPARKTELL-NET)
1	2a00:1450:400... 2a00:1450:4005:800::2008	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
3	2a03:90c0:41:... 2a03:90c0:41:2801::254	199524 (GCORE) (GCORE)
10	2a00:1450:400... 2a00:1450:4001:82f::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82b::200e	15169 (GOOGLE) (GOOGLE)
1	2a02:6b8:20::215 2a02:6b8:20::215	208722 (GLOBAL_DC) (GLOBAL_DC)
1 2	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:812::2006	15169 (GOOGLE) (GOOGLE)
4 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
4	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2004	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:80e::2001	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:801::2016	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::200e	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:811::2003	15169 (GOOGLE) (GOOGLE)
60	17

17 195.208.58.49 (Ramenskoye, Russian Federation)

ASN199624 (SPARKTELL-NET, RU)
PTR: 49.58.208.195.sparktell.net

report2017.oprf.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4005:800::2008 (Ireland)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a03:90c0:41:2801::254 (Frankfurt am Main, Germany)

ASN199524 (GCORE, LU)

static.tildacdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:82f::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82b::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.youtube.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)

yastatic.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:812::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

static.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 4 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

jnn-pa.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:80e::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

yt3.ggpht.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:801::2016 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

i.ytimg.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:811::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
17	oprf.ru report2017.oprf.ru	836 KB
11	gstatic.com fonts.gstatic.com www.gstatic.com	128 KB
9	youtube.com www.youtube.com — Cisco Umbrella Rank: 91	747 KB
7	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9388	4 KB
6	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 42 jnn-pa.googleapis.com — Cisco Umbrella Rank: 275	31 KB
3	doubleclick.net 1 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 40 static.doubleclick.net — Cisco Umbrella Rank: 338	1 KB
3	tildacdn.com static.tildacdn.com — Cisco Umbrella Rank: 55236	244 KB
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 35	20 KB
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 3528	50 KB
1	ytimg.com i.ytimg.com — Cisco Umbrella Rank: 111	16 KB
1	ggpht.com yt3.ggpht.com — Cisco Umbrella Rank: 213	5 KB
1	google.com www.google.com — Cisco Umbrella Rank: 2	14 KB
1	yastatic.net yastatic.net — Cisco Umbrella Rank: 6571	38 KB
1	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 64	39 KB
60	14

	Domain	Requested by
17	report2017.oprf.ru	report2017.oprf.ru
10	fonts.gstatic.com	fonts.googleapis.com www.youtube.com
9	www.youtube.com	report2017.oprf.ru www.youtube.com
7	mc.yandex.com	3 redirects report2017.oprf.ru
4	jnn-pa.googleapis.com	www.youtube.com
3	static.tildacdn.com	report2017.oprf.ru
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	mc.yandex.ru	1 redirects report2017.oprf.ru
2	googleads.g.doubleclick.net	1 redirects www.youtube.com
2	fonts.googleapis.com	report2017.oprf.ru
1	www.gstatic.com	www.youtube.com
1	i.ytimg.com	www.youtube.com
1	yt3.ggpht.com	www.youtube.com
1	www.google.com	www.youtube.com
1	static.doubleclick.net	www.youtube.com
1	yastatic.net	report2017.oprf.ru
1	www.googletagmanager.com	report2017.oprf.ru
60	17

This site contains links to these domains. Also see Links.

Domain
www.oprf.ru

Subject Issuer	Validity	Valid
*.google-analytics.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.tildacdn.com Sectigo RSA Domain Validation Secure Server CA	`2022-02-21` - `2023-03-19`	a year	crt.sh
*.gstatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.yastatic-net.ru GlobalSign ECC OV SSL CA 2018	`2022-04-01` - `2022-09-29`	6 months	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-05-21` - `2022-10-31`	5 months	crt.sh
www.google.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
*.googleusercontent.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh
edgestatic.com GTS CA 1C3	`2022-05-09` - `2022-08-01`	3 months	crt.sh

This page contains 2 frames:

Primary Page: http://report2017.oprf.ru/
Frame ID: D12DF1C88DB16FF81A58F40B4F87C455
Requests: 39 HTTP requests in this frame

Frame: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
Frame ID: 30D026F7EF80360E60505B85F9119434
Requests: 20 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

ДОКЛАД О СОСТОЯНИИ ГРАЖДАНСКОГО ОБЩЕСТВА В РОССИЙСКОЙ ФЕДЕРАЦИИ ЗА 2017 ГОД

Detected technologies

Tilda (CMS) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+tilda(?:cdn|\.ws|-blocks)
tilda(?:cdn|\.ws|-blocks)

YouTube (Video Players) Expand

Overall confidence: 100%
Detected patterns

<(?:param|embed|iframe)[^>]+youtube(?:-nocookie)?\.com/(?:v|embed)

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/gtag/js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

60
Requests

65 %
HTTPS

94 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

2170 kB
Transfer

6409 kB
Size

16
Cookies

1 Outgoing links

These are links going to different origins than the main page.

URL: http://www.oprf.ru/
Title: www.oprf.ru

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 34

https://googleads.g.doubleclick.net/pagead/id HTTP 302
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Request Chain 53

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9661.177GoUlsI7eO2MOQyxFIdxtMvRxcpekIydYOXFV8Q0MVUL37aHqrrcPuXiXy3N-K.AZj7S6pJc2_zMXFkm35342KEj9Q%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9661.hIKskxh6h9xDKlv9lrpSqHGGj6aWIPnOONRh2bXDSv-9-MrasPRk8tcoS7zEzOzXmjOok2CT6s8BB4P858u_pw%2C%2C.K1P38Pif27N92gwxVOR1rBEgZks%2C

Request Chain 57

https://mc.yandex.com/watch/26812653?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A245896798907%3Ahid%3A512451903%3Az%3A0%3Ai%3A20220607012723%3Aet%3A1654565244%3Ac%3A1%3Arn%3A364920682%3Arqn%3A1%3Au%3A1654565244148730889%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654565242393%3Ads%3A382%2C49%2C51%2C2%2C0%2C0%2C%2C699%2C3%2C%2C%2C%2C1184%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654565244%3At%3A%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&t=gdpr(14)lt(18900)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A245896798907%3Ahid%3A512451903%3Az%3A0%3Ai%3A20220607012723%3Aet%3A1654565244%3Ac%3A1%3Arn%3A364920682%3Arqn%3A1%3Au%3A1654565244148730889%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654565242393%3Ads%3A382%2C49%2C51%2C2%2C0%2C0%2C%2C699%2C3%2C%2C%2C%2C1184%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654565244%3At%3A%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&t=gdpr%2814%29lt%2818900%29aw%281%29rqnt%281%29ti%282%29

Request Chain 58

https://mc.yandex.com/watch/47097780?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A416888133714%3Ahid%3A512451903%3Az%3A0%3Ai%3A20220607012723%3Aet%3A1654565244%3Ac%3A1%3Arn%3A308606778%3Arqn%3A1%3Au%3A1654565244148730889%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654565242393%3Ads%3A382%2C49%2C51%2C2%2C0%2C0%2C%2C699%2C3%2C%2C%2C%2C1184%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654565244%3At%3A%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&t=gdpr(14)aw(1)rqnt(1)ti(2) HTTP 302
https://mc.yandex.com/watch/47097780/1?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A416888133714%3Ahid%3A512451903%3Az%3A0%3Ai%3A20220607012723%3Aet%3A1654565244%3Ac%3A1%3Arn%3A308606778%3Arqn%3A1%3Au%3A1654565244148730889%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654565242393%3Ads%3A382%2C49%2C51%2C2%2C0%2C0%2C%2C699%2C3%2C%2C%2C%2C1184%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654565244%3At%3A%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

60 HTTP transactions
1 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
report2017.oprf.ru/ 22 KB
6 KB 483ms
52ms Document
text/html 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

831b92a443f81dcdd95ae68177ab772145eacc735df50b7bfc6f784f0d8d71a9

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Connection: keep-alive
Content-Encoding: gzip
Content-Type: text/html
Date: Tue, 07 Jun 2022 01:27:22 GMT
ETag: W/"58d5-561685985fe80"
Last-Modified: Thu, 28 Dec 2017 15:41:30 GMT
Server: nginx
Strict-Transport-Security: max-age=15552000
Transfer-Encoding: chunked
Vary: Accept-Encoding
X-Apache2-RT-MicroSec: D=315
X-Nginx-VM-RT: 0.000

GET
H/1.1 200
OK vendor.css
report2017.oprf.ru/dist/styles/ 152 KB
28 KB 56ms
55ms Stylesheet
text/css 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/styles/vendor.css

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

145702c5682657ce3e39fc2e4668ec232f1fb03af5b0f004dd31de227d47394b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-26004"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:22 GMT

GET
H/1.1 200
OK theme.css
report2017.oprf.ru/dist/styles/ 7 KB
2 KB 99ms
50ms Stylesheet
text/css 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/styles/theme.css

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

f35b7e87d015762b16fe3b3d936840f07771f6633b52b506e8289384e5620eb5

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-1b6b"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:22 GMT

GET
H/1.1 200
OK tilda-grid-3.0.min.css
report2017.oprf.ru/dist/tilda/ 4 KB
1 KB 99ms
50ms Stylesheet
text/css 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/tilda/tilda-grid-3.0.min.css

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

f5c301b8769579afae9deb4eda7659df32661229039c6b7a37cfabd1827317ce

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-1010"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:22 GMT

GET
H/1.1 200
OK tilda-blocks-2.12.css
report2017.oprf.ru/dist/tilda/ 38 KB
8 KB 106ms
54ms Stylesheet
text/css 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/tilda/tilda-blocks-2.12.css

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

17f6da5054a2876257d123dab6ba2548499fd9d8a963aedb6ab78708e77024d7

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-961b"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:22 GMT

GET
H/1.1 200
OK tilda-animation-1.0.min.css
report2017.oprf.ru/dist/tilda/ 2 KB
920 B 107ms
54ms Stylesheet
text/css 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/tilda/tilda-animation-1.0.min.css

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

5904e67fbd0b58d6abe716c77021ea0cc937eb5fabe19d7b3cf28dfbd4f05834

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-8f2"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: text/css
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:22 GMT

GET
H/1.1 200
OK jquery-1.10.2.min.js Show response
report2017.oprf.ru/dist/tilda/ 91 KB
36 KB 111ms
58ms Script
application/javascript 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/tilda/jquery-1.10.2.min.js

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:22 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-16b88"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:22 GMT

GET
H/1.1 200
OK logoru.png
report2017.oprf.ru/dist/tilda/ 72 KB
72 KB 52ms
51ms Image
image/png 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://report2017.oprf.ru/dist/tilda/logoru.png

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

d12d2eb4c32725508715946c49dbacaf1bd979871edea50e82d24b36b42f9d42

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: "5a4505b2-11e2d"
Strict-Transport-Security: max-age=15552000
Connection: keep-alive
Content-Type: image/png
Cache-Control: max-age=604800
X-Nginx: static-images
Accept-Ranges: bytes
Content-Length: 73261
Expires: Tue, 14 Jun 2022 01:27:23 GMT

GET
H/1.1 200
OK bundle.js Show response
report2017.oprf.ru/dist/scripts/ 2 MB
595 KB 61ms
60ms Script
application/javascript 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/scripts/bundle.js

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

f05249deb92608c4e80597b7b77045acb8ef6edc1f3f39e3030a251e9fc29d26

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-22252c"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:23 GMT

GET
H/1.1 200
OK tilda-scripts-2.8.min.js Show response
report2017.oprf.ru/dist/tilda/ 39 KB
12 KB 59ms
58ms Script
application/javascript 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/tilda/tilda-scripts-2.8.min.js

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

cc0d0be46dc79453ec2065c9db6b64acca93650aae08cb040152159e8aff363b

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-9c8f"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:23 GMT

GET
H/1.1 200
OK tilda-blocks-2.7.js Show response
report2017.oprf.ru/dist/tilda/ 142 B
522 B 54ms
53ms Script
application/javascript 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/tilda/tilda-blocks-2.7.js

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

43377bea6efdcbf84335551274521c722b299ef368d30b456bf917c862185258

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: "5a4505b2-8e"
Strict-Transport-Security: max-age=15552000
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=604800
X-Nginx: static-txt
Accept-Ranges: bytes
Content-Length: 142
Expires: Tue, 14 Jun 2022 01:27:23 GMT

GET
H/1.1 200
OK tilda-animation-1.0.min.js Show response
report2017.oprf.ru/dist/tilda/ 13 KB
4 KB 52ms
51ms Script
application/javascript 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/tilda/tilda-animation-1.0.min.js

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

0eb182c66258dcb7e67c7815ad9691979b1b22e340dea060754fd0868d875ecf

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-3319"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:23 GMT

GET
H/1.1 200
OK lazyload-1.3.min.js Show response
report2017.oprf.ru/dist/tilda/ 7 KB
3 KB 51ms
50ms Script
application/javascript 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/tilda/lazyload-1.3.min.js

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

996617e5af8289751b1bdfcc60a8907262f0a467d7fc388914f58f6507e4251f

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: W/"5a4505b2-1a8e"
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript
Cache-Control: max-age=604800
Transfer-Encoding: chunked
X-Nginx: static-txt
Strict-Transport-Security: max-age=15552000
Expires: Tue, 14 Jun 2022 01:27:23 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 100 KB
39 KB 80ms
37ms Script
application/javascript 2a00:1450:4005:800::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=UA-111520371-1

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4005:800::2008 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

da158543f644d5e4562b2ce0325f1277ec9a8782d42efb16aa2fb6ecfcb6af6c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
content-encoding: br
vary: Accept-Encoding
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 39664
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 00:00:00 GMT
server: Google Tag Manager
strict-transport-security: max-age=31536000; includeSubDomains
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Tue, 07 Jun 2022 01:27:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 12 KB
1 KB 40ms
17ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/dist/styles/theme.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

086f0cb26e8d42ee8764167fae634b94e36641dccd9b3fb912f5d1d7726cec04

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 01:27:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 01:27:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 01:27:23 GMT

GET
H2 200 css
fonts.googleapis.com/ 8 KB
766 B 32ms
19ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:300,400,500,600,700&subset=latin,cyrillic

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/dist/tilda/tilda-blocks-2.12.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Tue, 07 Jun 2022 01:27:23 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Tue, 07 Jun 2022 01:27:23 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Tue, 07 Jun 2022 01:27:23 GMT

GET
H2 200 coverdoklad.JPG
static.tildacdn.com/tild6533-6536-4537-b163-666539636237/-/resize/20x/ 388 B
431 B 599ms
195ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6533-6536-4537-b163-666539636237/-/resize/20x/coverdoklad.JPG
Requested by: Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: f485179d3625be76388e607ba445a93b4117c7f4b9ad1e8ae91ac026e892a0d0

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-id: m9-up-gc52, fr5-up-gc37
date: Tue, 07 Jun 2022 01:27:23 GMT
tserver: 12
server: nginx
content-type: image/jpeg
cache-control: public
cache: MISS, MISS
expires: Sat, 02 Jul 2022 23:59:59 GMT

GET
H/1.1 200
OK /
report2017.oprf.ru/ 2 KB
2 KB 63ms
57ms Image
text/html 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to Show image

Full URL

http://report2017.oprf.ru/

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Content-Encoding: gzip
Last-Modified: Thu, 28 Dec 2017 15:41:30 GMT
Server: nginx
ETag: W/"58d5-561685985fe80"
Vary: Accept-Encoding
Content-Type: text/html
X-Apache2-RT-MicroSec: D=181
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15552000
X-Nginx-VM-RT: 0.001

GET
H2 200 manepageoprf1.jpg
static.tildacdn.com/tild6531-3463-4638-b630-326534306339/-/resize/20x/ 421 B
561 B 592ms
189ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6531-3463-4638-b630-326534306339/-/resize/20x/manepageoprf1.jpg
Requested by: Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: da3cf5e6c844ed6633bd52f97b83c67a795765ca201aeabd4d4ab99d1eba3cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-id: m9-up-gc57, fr5-up-gc37
date: Tue, 07 Jun 2022 01:27:23 GMT
tserver: 10
server: nginx
content-type: image/jpeg
cache-control: public
cache: MISS, MISS
expires: Sat, 02 Jul 2022 23:59:59 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 20:29:43 GMT
x-content-type-options: nosniff
age: 17860
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 20:29:43 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 31ms
8ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 15:23:23 GMT
x-content-type-options: nosniff
age: 36240
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 15:23:23 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 10 KB
10 KB 33ms
11ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 14:43:17 GMT
x-content-type-options: nosniff
age: 38646
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9840
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:39 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 14:43:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 40ms
18ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:47:17 GMT
x-content-type-options: nosniff
age: 49206
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 11:47:17 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 33ms
15ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 12:43:04 GMT
x-content-type-options: nosniff
age: 45859
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 12:43:04 GMT

GET
H2 200 KFOlCnqEu92Fr1MmEU9fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 16 KB
16 KB 14ms
14ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmEU9fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 16:12:47 GMT
x-content-type-options: nosniff
age: 33276
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15920
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:45 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 16:12:47 GMT

GET
H2 200 07eyLs9chUM Show response
www.youtube.com/embed/ Frame 30D0 63 KB
27 KB 126ms
103ms Document
text/html 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

57b518337d92608744bd8a4534d5ea38c2d129f7ac711cb3ad769ec244880a3b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://report2017.oprf.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
cache-control: no-cache, no-store, max-age=0, must-revalidate
content-encoding: br
content-type: text/html; charset=utf-8
critical-ch: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
cross-origin-opener-policy-report-only: same-origin; report-to="youtube_main"
date: Tue, 07 Jun 2022 01:27:23 GMT
expires: Mon, 01 Jan 1990 00:00:00 GMT
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657?hl=de for more info."
permissions-policy: ch-ua-arch=*, ch-ua-bitness=*, ch-ua-full-version=*, ch-ua-full-version-list=*, ch-ua-model=*, ch-ua-platform=*, ch-ua-platform-version=*
pragma: no-cache
report-to: {"group":"youtube_main","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube_main"}]}
server: ESF
strict-transport-security: max-age=31536000
vary: Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Full-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version
x-content-type-options: nosniff
x-xss-protection: 0

GET
H2 200 www-player.css
www.youtube.com/s/player/02208bb4/ Frame 30D0 338 KB
47 KB 8ms
7ms Stylesheet
text/css 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/www-player.css

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

623aab405058e30a77d9161bd1a4e1ba46549e2b7937db37205dbdb772852662

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 17:41:48 GMT
content-encoding: br
x-content-type-options: nosniff
age: 27935
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 47515
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/css
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 06 Jun 2023 17:41:48 GMT

GET
H2 200 www-embed-player.js Show response
www.youtube.com/s/player/02208bb4/www-embed-player.vflset/ Frame 30D0 302 KB
94 KB 13ms
12ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

b668e843499461acaf97c3e2b7c4a55940f37e6b083168928b538f9736213f63

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sun, 05 Jun 2022 09:11:18 GMT
content-encoding: br
x-content-type-options: nosniff
age: 144965
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95691
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Mon, 05 Jun 2023 09:11:18 GMT

GET
H2 200 base.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame 30D0 2 MB
532 KB 16ms
16ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5cacda73a7b677180e4428c3d0345b49d890c98bd25eb3db239c3f96efbee22

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 465987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 543920
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:00:56 GMT

GET
H2 200 fetch-polyfill.js Show response
www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/ Frame 30D0 9 KB
3 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/fetch-polyfill.vflset/fetch-polyfill.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Sat, 04 Jun 2022 05:57:31 GMT
content-encoding: br
x-content-type-options: nosniff
age: 242992
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2786
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Sun, 04 Jun 2023 05:57:31 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 30D0 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 11:18:05 GMT
x-content-type-options: nosniff
age: 569358
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15344
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:55 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 31 May 2023 11:18:05 GMT

GET
H/1.1 200
OK footnotes.json Show response
report2017.oprf.ru/data/etc/ 61 KB
19 KB 56ms
56ms Fetch
application/json 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/data/etc/footnotes.json

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/dist/scripts/bundle.js

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

e101948e79bbbd2d396e1d4dc8c89830da37f2ff10cf4560b5b21c5b83d24840

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Content-Encoding: gzip
Last-Modified: Wed, 20 Dec 2017 15:01:24 GMT
Server: nginx
ETag: W/"f3f5-560c6db625900"
Vary: Accept-Encoding
Content-Type: application/json
X-Apache2-RT-MicroSec: D=146
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15552000
X-Nginx-VM-RT: 0.000

GET
H2 200 share.js Show response
yastatic.net/share2/ 143 KB
38 KB 102ms
31ms Script
application/javascript 2a02:6b8:20::215
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://yastatic.net/share2/share.js

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/dist/scripts/bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

nginx/1.17.9 /

Resource Hash

553f8aabc850b35ffd002398ccef7666d3f015f4015cb2fdb91db41f41043bae

Security Headers

Name	Value
Strict-Transport-Security	max-age=43200000; includeSubDomains;
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
content-encoding: br
x-content-type-options: nosniff
nel: {"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
vary: Accept-Encoding
x-xss-protection: 1; mode=block
last-modified: Thu, 24 Feb 2022 11:43:04 GMT
server: nginx/1.17.9
etag: W/"d1f50e7764e147ede58b5f2ba90f4767"
x-robots-tag: noindex, noarchive, nofollow
strict-transport-security: max-age=43200000; includeSubDomains;
report-to: { "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public, max-age=216009
timing-allow-origin: *
expires: Thu, 09 Jun 2022 13:26:46 GMT

GET
H/1.1 200
OK MaterialIcons-Regular.woff2
report2017.oprf.ru/dist/fonts/ 43 KB
44 KB 51ms
50ms Font
application/octet-stream 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/dist/fonts/MaterialIcons-Regular.woff2

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/dist/styles/vendor.css

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

Referer: http://report2017.oprf.ru/dist/styles/vendor.css
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Last-Modified: Thu, 28 Dec 2017 14:54:42 GMT
Server: nginx
ETag: "5a4505b2-ad0c"
Strict-Transport-Security: max-age=15552000
Connection: keep-alive
Content-Type: application/octet-stream
Cache-Control: max-age=604800
X-Nginx: static-txt
Accept-Ranges: bytes
Content-Length: 44300
Expires: Tue, 14 Jun 2022 01:27:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 11:07:47 GMT
x-content-type-options: nosniff
age: 51576
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 11:07:47 GMT

GET
H3

200

id Show response
googleads.g.doubleclick.net/pagead/ Frame 30D0
Redirect Chain

https://googleads.g.doubleclick.net/pagead/id
https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

100 B
146 B

31ms
15ms

XHR
application/json

2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/id?slf_rd=1

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

2c318b69d03d6314090cfa949dbbd8b60d6d3e2fcf6e7accb699f254c45855db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 120
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: application/json; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

date: Tue, 07 Jun 2022 01:27:23 GMT
x-content-type-options: nosniff
access-control-allow-origin: https://www.youtube.com
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
pragma: no-cache
server: cafe
content-type: text/html; charset=UTF-8
location: https://googleads.g.doubleclick.net/pagead/id?slf_rd=1
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
timing-allow-origin: *
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ad_status.js Show response
static.doubleclick.net/instream/ Frame 30D0 29 B
588 B 27ms
6ms Script
text/javascript 2a00:1450:4001:812::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://static.doubleclick.net/instream/ad_status.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/www-embed-player.vflset/www-embed-player.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:812::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:24:58 GMT
x-content-type-options: nosniff
age: 145
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 29
x-xss-protection: 0
last-modified: Thu, 12 Dec 2013 23:40:16 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=900
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 07 Jun 2022 01:39:58 GMT

GET
H2 200 watch.js Show response
mc.yandex.ru/metrika/ 140 KB
50 KB 222ms
110ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

afa2263f43e53ca655d020e0a4de1c8854e5545795f2c1af2b193d3efbbcc8f2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
content-encoding: br
last-modified: Fri, 03 Jun 2022 13:26:02 GMT
etag: "6299e1ba-c7c7"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 51143
expires: Tue, 07 Jun 2022 02:27:23 GMT

OPTIONS
H2 200 Create
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 36ms
13ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 07 Jun 2022 01:27:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

POST
H3 200 Create Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 30D0 62 KB
29 KB 38ms
22ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/Create

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

d65723532f183ae15671cce642eacd7f97ee3e50889dbbe482e0c79dd4f82c8a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 29304
x-xss-protection: 0

GET
H3 200 remote.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame 30D0 119 KB
37 KB 8ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/remote.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

be491f084ae9823aa8c2e070956bb2b036f4591b53e827edf112887551fc31b0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 465987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37805
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:00:56 GMT

GET
H2 200 EsymvScChCGIZdhdrFUjr5i0tdGa2JS0JczF6sa7GEY.js Show response
www.google.com/js/th/ Frame 30D0 35 KB
14 KB 30ms
7ms Script
text/javascript 2a00:1450:4001:808::2004
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google.com/js/th/EsymvScChCGIZdhdrFUjr5i0tdGa2JS0JczF6sa7GEY.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

12cca6bd270284218865d85dac5523af98b4b5d19ad894b425ccc5eac6bb1846

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 08:55:13 GMT
content-encoding: br
x-content-type-options: nosniff
age: 59530
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13604
x-xss-protection: 0
last-modified: Tue, 17 May 2022 14:00:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 06 Jun 2023 08:55:13 GMT

GET
H3 200 embed.js Show response
www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/ Frame 30D0 27 KB
8 KB 7ms
7ms Script
text/javascript 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/embed.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

67660c72f074afc0e674822efc3f9589c3e857a2af72f68ed28d86274f489d20

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Wed, 01 Jun 2022 16:00:56 GMT
content-encoding: br
x-content-type-options: nosniff
age: 465987
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8078
x-xss-protection: 0
last-modified: Wed, 01 Jun 2022 00:19:59 GMT
server: sffe
vary: Accept-Encoding, Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Thu, 01 Jun 2023 16:00:56 GMT

GET
DATA 200
OK truncated
/ Frame 30D0 175 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 AKedOLT5Kp2GlOlhRosckjrMlZDtrPUUKb-fSPJ2ptD-gQ=s68-c-k-c0x00ffffff-no-rj
yt3.ggpht.com/ytc/ Frame 30D0 4 KB
5 KB 35ms
7ms Image
image/jpeg 2a00:1450:4001:80e::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://yt3.ggpht.com/ytc/AKedOLT5Kp2GlOlhRosckjrMlZDtrPUUKb-fSPJ2ptD-gQ=s68-c-k-c0x00ffffff-no-rj

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80e::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

fife /

Resource Hash

9b7ceffbb767e6c386b9cb05f33f1671c0c8858107554767af24479892d0b913

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 00:47:23 GMT
x-content-type-options: nosniff
age: 2400
content-disposition: inline;filename="unnamed.jpg"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4550
x-xss-protection: 0
server: fife
etag: "v164"
vary: Origin
content-type: image/jpeg
access-control-allow-origin: *
access-control-expose-headers: Content-Length
cache-control: public, max-age=86400, no-transform
timing-allow-origin: *
expires: Sun, 10 Apr 2022 13:41:38 GMT

GET
H2 200 hqdefault.webp
i.ytimg.com/vi_webp/07eyLs9chUM/ Frame 30D0 16 KB
16 KB 95ms
73ms Image
image/webp 2a00:1450:4001:801::2016
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://i.ytimg.com/vi_webp/07eyLs9chUM/hqdefault.webp

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::2016 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bec6c77b44dfbdabc08f80e00a00b24eeae1d364afd61dc6bdde51f4f6e5fc68

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
x-content-type-options: nosniff
server: sffe
etag: "1510240128"
vary: Origin
report-to: {"group":"youtube","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/youtube"}]}
content-type: image/webp
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15886
x-xss-protection: 0
cross-origin-opener-policy-report-only: same-origin; report-to="youtube"
expires: Tue, 07 Jun 2022 03:27:23 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v18/ Frame 30D0 10 KB
10 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v18/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://www.youtube.com/
Origin: https://www.youtube.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 31 May 2022 21:51:54 GMT
x-content-type-options: nosniff
age: 531329
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9832
x-xss-protection: 0
last-modified: Mon, 16 Oct 2017 17:32:49 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Wed, 31 May 2023 21:51:54 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 28ms
6ms Script
text/javascript 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=UA-111520371-1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 13 Apr 2022 21:02:38 GMT
server: Golfe2
age: 4095
date: Tue, 07 Jun 2022 00:19:08 GMT
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 20006
expires: Tue, 07 Jun 2022 02:19:08 GMT

GET
H/1.1 200
OK menu.json Show response
report2017.oprf.ru/data/etc/ 1 KB
724 B 50ms
50ms Fetch
application/json 195.208.58.49
SPARKTELL-NET

General

Check archive.org

Show headers Download Go to

Full URL

http://report2017.oprf.ru/data/etc/menu.json

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/dist/scripts/bundle.js

Protocol

HTTP/1.1

Server

195.208.58.49 Ramenskoye, Russian Federation, ASN199624 (SPARKTELL-NET, RU),

Reverse DNS

49.58.208.195.sparktell.net

Software

nginx /

Resource Hash

f768de917195e251ef7cc9fbc7455c61efd0056bf7954c35d035de0a3cebb319

Security Headers

Name	Value
Strict-Transport-Security	max-age=15552000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

Date: Tue, 07 Jun 2022 01:27:23 GMT
Content-Encoding: gzip
Last-Modified: Fri, 29 Dec 2017 01:22:52 GMT
Server: nginx
ETag: W/"4ce-5617078a71300"
Vary: Accept-Encoding
Content-Type: application/json
X-Apache2-RT-MicroSec: D=189
Connection: keep-alive
Transfer-Encoding: chunked
Strict-Transport-Security: max-age=15552000
X-Nginx-VM-RT: 0.000

POST
H3 200 collect Show response
www.google-analytics.com/j/ 1 B
21 B 28ms
13ms XHR
text/plain 2a00:1450:4001:827::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j96&a=1734263894&t=pageview&_s=1&dl=http%3A%2F%2Freport2017.oprf.ru%2F&ul=en-us&de=UTF-8&dt=%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAUABAAAAAC~&jid=1259457352&gjid=741473537&cid=1316279417.1654565244&tid=UA-111520371-1&_gid=35200795.1654565244&_r=1&gtm=2ou660&z=1106160921

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: http://report2017.oprf.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 01:27:23 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: http://report2017.oprf.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 coverdoklad.JPG
static.tildacdn.com/tild6533-6536-4537-b163-666539636237/ 243 KB
243 KB 222ms
222ms Image
image/jpeg 2a03:90c0:41:2801::254
GCORE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://static.tildacdn.com/tild6533-6536-4537-b163-666539636237/coverdoklad.JPG
Requested by: Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU),
Reverse DNS
Software: nginx /
Resource Hash: e808e870641a9f01d1d8167c2cafe17a8db7788db1f26077a037415276405d46

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

x-id: m9-up-gc53, fr5-up-gc37
date: Tue, 07 Jun 2022 01:27:23 GMT
age: 0
x-trans-id: 1503d1fe242550a8
accept-ranges: bytes
tserver: 8
last-modified: Tue, 26 Dec 2017 10:39:51 GMT
server: nginx
etag: "102fd31c66a010922f6a7aa1267d4763"
content-type: image/jpeg
access-control-allow-origin: *
x-timestamp: 1514284790.22419
cache-control: public
cache: MISS, MISS
content-length: 248741
access-control-expose-headers: Cache-Control, Content-Language, Content-Type, Expires, Last-Modified, Pragma, Etag, X-Timestamp, X-Trans-Id, X-Openstack-Request-Id, Content-Length, Accept-Ranges, Expires, Cache-Control

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 7ms
7ms Font
font/woff2 2a00:1450:4001:82f::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:300,300i,400,400i,500,600,700

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82f::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: http://report2017.oprf.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Mon, 06 Jun 2022 21:51:35 GMT
x-content-type-options: nosniff
age: 12948
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 06 Jun 2023 21:51:35 GMT

GET
H2 200 cast_sender.js Show response
www.gstatic.com/cv/js/sender/v1/ Frame 30D0 4 KB
3 KB 40ms
19ms Script
text/javascript 2a00:1450:4001:811::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/cv/js/sender/v1/cast_sender.js

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:811::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/cloudview
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 2007
x-xss-protection: 0
last-modified: Tue, 16 Feb 2021 23:57:06 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="cloudview"
vary: Accept-Encoding
report-to: {"group":"cloudview","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/cloudview"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Tue, 07 Jun 2022 01:27:23 GMT

GET
H3 204 generate_204
www.youtube.com/ Frame 30D0 0
9 B 7ms
6ms Image
text/plain 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.youtube.com/generate_204?gtVMYQ
Requested by: Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/
Protocol: H3
Security: QUIC, , AES_128_GCM
Server: 2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9661.177GoUlsI7eO2MOQyxFIdxtMvRxcpekIydYOXFV8Q0MVUL37aHqrrcPuXiXy3N-K.AZj7S6pJc2_zMXFkm35342KEj9Q%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9661.hIKskxh6h9xDKlv9lrpSqHGGj6aWIPnOONRh2bXDSv-9-MrasPRk8tcoS7zEzOzXmjOok2CT6s8BB4P858u_pw%2C%2C.K1P38Pif27N92gwxVOR1rBEgZks%2C

75 B
75 B

59ms
59ms

Image
text/html

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9661.hIKskxh6h9xDKlv9lrpSqHGGj6aWIPnOONRh2bXDSv-9-MrasPRk8tcoS7zEzOzXmjOok2CT6s8BB4P858u_pw%2C%2C.K1P38Pif27N92gwxVOR1rBEgZks%2C

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:24 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9661.hIKskxh6h9xDKlv9lrpSqHGGj6aWIPnOONRh2bXDSv-9-MrasPRk8tcoS7zEzOzXmjOok2CT6s8BB4P858u_pw%2C%2C.K1P38Pif27N92gwxVOR1rBEgZks%2C
date: Tue, 07 Jun 2022 01:27:23 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
112 B 55ms
55ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
last-modified: Fri, 03 Jun 2022 13:26:02 GMT
etag: "6299e1ba-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Tue, 07 Jun 2022 02:27:23 GMT

POST
H3 200 GenerateIT Show response
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 30D0 98 B
142 B 17ms
17ms XHR
application/json+protobuf 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

189fe101a9bd2e6e63b8519755f465403e14b3f6cb8feb8b26407950ae616fbd

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

X-User-Agent: grpc-web-javascript/0.1
Referer: https://www.youtube.com/
X-Goog-Api-Key: AIzaSyDyT5W0Jh49F30Pqqtyfdf7pDLFKLJoAnw
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json+protobuf

Response headers

date: Tue, 07 Jun 2022 01:27:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
server: ESF
x-frame-options: SAMEORIGIN
content-type: application/json+protobuf; charset=UTF-8
access-control-allow-origin: https://www.youtube.com
access-control-expose-headers: vary,vary,vary,content-encoding,date,server,content-length
cache-control: private
access-control-allow-credentials: true
vary: Origin, X-Origin, Referer
content-length: 118
x-xss-protection: 0

OPTIONS
H3 200 GenerateIT
jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/ Frame 0
0 16ms
15ms Preflight
text/html 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://jnn-pa.googleapis.com/$rpc/google.internal.waa.v1.Waa/GenerateIT

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept: */*
Access-Control-Request-Headers: content-type,x-goog-api-key,x-user-agent
Access-Control-Request-Method: POST
Origin: https://www.youtube.com
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: content-type,x-goog-api-key,x-user-agent
access-control-allow-methods: DELETE,GET,HEAD,OPTIONS,PATCH,POST,PUT
access-control-allow-origin: https://www.youtube.com
access-control-max-age: 3600
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
content-type: text/html
date: Tue, 07 Jun 2022 01:27:23 GMT
server: ESF
vary: origin referer x-origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 0

GET
H2

200

1 Show response
mc.yandex.com/watch/26812653/
Redirect Chain

https://mc.yandex.com/watch/26812653?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&brow...
https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&br...

338 B
456 B

60ms
60ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26812653/1?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A245896798907%3Ahid%3A512451903%3Az%3A0%3Ai%3A20220607012723%3Aet%3A1654565244%3Ac%3A1%3Arn%3A364920682%3Arqn%3A1%3Au%3A1654565244148730889%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654565242393%3Ads%3A382%2C49%2C51%2C2%2C0%2C0%2C%2C699%2C3%2C%2C%2C%2C1184%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654565244%3At%3A%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&t=gdpr%2814%29lt%2818900%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

17c0bb89850f08e35373cf271b5f8733acf77cdbc4660e3d24539892ba576a47

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 01:27:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 07-Jun-2022 01:27:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://report2017.oprf.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 338
x-xss-protection: 1; mode=block
expires: Tue, 07-Jun-2022 01:27:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 01:27:24 GMT
last-modified: Tue, 07-Jun-2022 01:27:24 GMT
location: /watch/26812653/1?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&site-info=%7B%22shareVersion%22%3A2%2C%22strategy%22%3A%22b%2Fh%2Fj%2Fk%2Fk%2Fl%2Ft%22%7D&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A2%3Adp%3A1%3Als%3A245896798907%3Ahid%3A512451903%3Az%3A0%3Ai%3A20220607012723%3Aet%3A1654565244%3Ac%3A1%3Arn%3A364920682%3Arqn%3A1%3Au%3A1654565244148730889%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654565242393%3Ads%3A382%2C49%2C51%2C2%2C0%2C0%2C%2C699%2C3%2C%2C%2C%2C1184%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654565244%3At%3A%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&t=gdpr%2814%29lt%2818900%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://report2017.oprf.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 07-Jun-2022 01:27:24 GMT

GET
H2

200

1 Show response
mc.yandex.com/watch/47097780/
Redirect Chain

https://mc.yandex.com/watch/47097780?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%...
https://mc.yandex.com/watch/47097780/1?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-...

357 B
392 B

59ms
59ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/47097780/1?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A416888133714%3Ahid%3A512451903%3Az%3A0%3Ai%3A20220607012723%3Aet%3A1654565244%3Ac%3A1%3Arn%3A308606778%3Arqn%3A1%3Au%3A1654565244148730889%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654565242393%3Ads%3A382%2C49%2C51%2C2%2C0%2C0%2C%2C699%2C3%2C%2C%2C%2C1184%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654565244%3At%3A%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29

Requested by

Host: report2017.oprf.ru
URL: http://report2017.oprf.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

63f2a576561922962d9b26bd2191e0f609ede8851b2fb798e71f20f15b5189fc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: http://report2017.oprf.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36

Response headers

pragma: no-cache
date: Tue, 07 Jun 2022 01:27:24 GMT
x-content-type-options: nosniff
last-modified: Tue, 07-Jun-2022 01:27:24 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://report2017.oprf.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Tue, 07-Jun-2022 01:27:24 GMT

Redirect headers

pragma: no-cache
date: Tue, 07 Jun 2022 01:27:24 GMT
last-modified: Tue, 07-Jun-2022 01:27:24 GMT
location: /watch/47097780/1?wmode=7&page-url=http%3A%2F%2Freport2017.oprf.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A198dw73ozp1lr8k77gm80%3Afp%3A734%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A814%3Acn%3A1%3Adp%3A0%3Als%3A416888133714%3Ahid%3A512451903%3Az%3A0%3Ai%3A20220607012723%3Aet%3A1654565244%3Ac%3A1%3Arn%3A308606778%3Arqn%3A1%3Au%3A1654565244148730889%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Antf%3A1%3Ans%3A1654565242393%3Ads%3A382%2C49%2C51%2C2%2C0%2C0%2C%2C699%2C3%2C%2C%2C%2C1184%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1654565244%3At%3A%D0%94%D0%9E%D0%9A%D0%9B%D0%90%D0%94%20%D0%9E%20%D0%A1%D0%9E%D0%A1%D0%A2%D0%9E%D0%AF%D0%9D%D0%98%D0%98%20%D0%93%D0%A0%D0%90%D0%96%D0%94%D0%90%D0%9D%D0%A1%D0%9A%D0%9E%D0%93%D0%9E%20%D0%9E%D0%91%D0%A9%D0%95%D0%A1%D0%A2%D0%92%D0%90%20%D0%92%20%D0%A0%D0%9E%D0%A1%D0%A1%D0%98%D0%99%D0%A1%D0%9A%D0%9E%D0%99%20%D0%A4%D0%95%D0%94%D0%95%D0%A0%D0%90%D0%A6%D0%98%D0%98%20%D0%97%D0%90%202017%20%D0%93%D0%9E%D0%94&t=gdpr%2814%29aw%281%29rqnt%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: http://report2017.oprf.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Tue, 07-Jun-2022 01:27:24 GMT

POST
H3 200 log_event Show response
www.youtube.com/youtubei/v1/ Frame 30D0 28 B
54 B 24ms
24ms XHR
application/json 2a00:1450:4001:82b::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.youtube.com/youtubei/v1/log_event?alt=json&key=AIzaSyAO_FJ2SlqU8Q4STEHLGCilw_Y9_11qcW8

Requested by

Host: www.youtube.com
URL: https://www.youtube.com/s/player/02208bb4/player_ias.vflset/de_DE/base.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82b::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

scaffolding on HTTPServer2 /

Resource Hash

d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.61 Safari/537.36
Content-Type: application/json
X-YouTube-Utc-Offset: 0
X-YouTube-Client-Name: 56
Referer: https://www.youtube.com/embed/07eyLs9chUM?rel=0&fmt=18&html5=1&showinfo=0
X-YouTube-Client-Version: 1.20220531.01.00
X-YouTube-Time-Zone: Etc/Unknown
X-Goog-Visitor-Id: CgtzaGtURXdHV0RDbyj70vqUBg%3D%3D
X-YouTube-Ad-Signals: dt=1654565243395&flash=0&frm=2&u_tz&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&bc=23&bih=-12245933&biw=-12245933&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1200%2C675&vis=1&wgl=true&ca_type=image

Response headers

date: Tue, 07 Jun 2022 01:27:25 GMT
content-encoding: br
x-content-type-options: nosniff
server: scaffolding on HTTPServer2
x-frame-options: SAMEORIGIN
vary: Origin, X-Origin, Referer
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cache-control: private
content-type: application/json; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 31
x-xss-protection: 0
expires: Tue, 07 Jun 2022 01:27:25 GMT

Verdicts & Comments Add Verdict or Comment

87 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

16 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.youtube.com/	1969-12-31 23:59:59	Name: YSC Value: DJBfQIFna-M
.youtube.com/	1970-01-20 07:55:17	Name: VISITOR_INFO1_LIVE Value: shkTEwGWDCo
.oprf.ru/	1970-01-20 21:07:17	Name: _ga Value: GA1.2.1316279417.1654565244
.oprf.ru/	1970-01-20 03:37:31	Name: _gid Value: GA1.2.35200795.1654565244
.oprf.ru/	1970-01-20 03:36:05	Name: _gat_gtag_UA_111520371_1 Value: 1
.oprf.ru/	1970-01-20 12:21:41	Name: _ym_uid Value: 1654565244148730889
.oprf.ru/	1970-01-20 12:21:41	Name: _ym_d Value: 1654565244
.oprf.ru/	1970-01-20 03:37:17	Name: _ym_isad Value: 2
.mc.yandex.com/	1970-01-20 03:36:05	Name: sync_cookie_csrf Value: 3610604599fake
.mc.yandex.ru/	1970-01-20 03:36:05	Name: sync_cookie_csrf Value: 498882342fake
.yandex.com/	1970-01-20 12:21:41	Name: ymex Value: 1686101244.yrts.1654565244#1686101244.yrtsi.1654565244
.yandex.com/	1970-01-20 12:21:41	Name: yandexuid Value: 6942945481654565244
.yandex.com/	1970-01-20 12:21:41	Name: yuidss Value: 6942945481654565244
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 40996641654565244
.yandex.com/	1970-01-23 19:12:05	Name: i Value: GhuUaUGU3qtGKSBLXcw4XSajE2PFXBMl6yTyZWjcuvxi/V4UUV3Fuej6o2l3NQAPyM3bPinK6tMt3MrsO13oBLPk7fE=
.oprf.ru/	1970-01-20 03:36:07	Name: _ym_visorc Value: w

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9661.hIKskxh6h9xDKlv9lrpSqHGGj6aWIPnOONRh2bXDSv-9-MrasPRk8tcoS7zEzOzXmjOok2CT6s8BB4P858u_pw%2C%2C.K1P38Pif27N92gwxVOR1rBEgZks%2C Message: Failed to load resource: the server responded with a status of 400 ()

Security Headers

This page lists any security headers set by the main page. If you want to understand what these mean and how to use them, head on over to this page

Header	Value
Strict-Transport-Security	max-age=15552000

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
i.ytimg.com
jnn-pa.googleapis.com
mc.yandex.com
mc.yandex.ru
report2017.oprf.ru
static.doubleclick.net
static.tildacdn.com
www.google-analytics.com
www.google.com
www.googletagmanager.com
www.gstatic.com
www.youtube.com
yastatic.net
yt3.ggpht.com
195.208.58.49
2a00:1450:4001:801::2016
2a00:1450:4001:808::2002
2a00:1450:4001:808::2004
2a00:1450:4001:80e::2001
2a00:1450:4001:811::2003
2a00:1450:4001:812::2006
2a00:1450:4001:813::200a
2a00:1450:4001:827::200e
2a00:1450:4001:82b::200e
2a00:1450:4001:82f::2003
2a00:1450:4001:830::200a
2a00:1450:4005:800::2008
2a02:6b8:20::215
2a02:6b8::1:119
2a03:90c0:41:2801::254
086f0cb26e8d42ee8764167fae634b94e36641dccd9b3fb912f5d1d7726cec04
0eb182c66258dcb7e67c7815ad9691979b1b22e340dea060754fd0868d875ecf
12cca6bd270284218865d85dac5523af98b4b5d19ad894b425ccc5eac6bb1846
145702c5682657ce3e39fc2e4668ec232f1fb03af5b0f004dd31de227d47394b
17c0bb89850f08e35373cf271b5f8733acf77cdbc4660e3d24539892ba576a47
17f6da5054a2876257d123dab6ba2548499fd9d8a963aedb6ab78708e77024d7
189fe101a9bd2e6e63b8519755f465403e14b3f6cb8feb8b26407950ae616fbd
2c318b69d03d6314090cfa949dbbd8b60d6d3e2fcf6e7accb699f254c45855db
3728fbdd191d75bad5b83a838dfe2fc15f84c2aaa36ffa573321275847db31a9
3e253b66056519aa065b00a453bac37ac5ed8f3e6fe7b542e93a9dcdcc11d0bc
43377bea6efdcbf84335551274521c722b299ef368d30b456bf917c862185258
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
498b3f2a0357fbd50a80eb18b23ab4b461b791d640e5560b799f08ed960748a9
53f2931d978bf9b24d43b5d556ecf315a6b3f089699c5ba3a954c4dde8663361
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
553f8aabc850b35ffd002398ccef7666d3f015f4015cb2fdb91db41f41043bae
57b518337d92608744bd8a4534d5ea38c2d129f7ac711cb3ad769ec244880a3b
5904e67fbd0b58d6abe716c77021ea0cc937eb5fabe19d7b3cf28dfbd4f05834
623aab405058e30a77d9161bd1a4e1ba46549e2b7937db37205dbdb772852662
63f2a576561922962d9b26bd2191e0f609ede8851b2fb798e71f20f15b5189fc
67660c72f074afc0e674822efc3f9589c3e857a2af72f68ed28d86274f489d20
67ea46bc3d15351067faccb3613bd833dd3f15137a4b4a09f2e873fd41d024d2
684dfe949ae87a38c2afbcee199f51b0025dd9121b524d62e881cf40846cdd21
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b
831b92a443f81dcdd95ae68177ab772145eacc735df50b7bfc6f784f0d8d71a9
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
996617e5af8289751b1bdfcc60a8907262f0a467d7fc388914f58f6507e4251f
9b7ceffbb767e6c386b9cb05f33f1671c0c8858107554767af24479892d0b913
a1925038db769477ab74b4df34350c35688a795bb718727b0f4292a4a78a6210
a87d66c91b2e7dc5530aef76c03bd6a3d25ea5826110bf4803b561b811cc8726
afa2263f43e53ca655d020e0a4de1c8854e5545795f2c1af2b193d3efbbcc8f2
b019538234514166ec7665359d097403358f8a4c991901983922fb4d56989f1e
b668e843499461acaf97c3e2b7c4a55940f37e6b083168928b538f9736213f63
be491f084ae9823aa8c2e070956bb2b036f4591b53e827edf112887551fc31b0
bec6c77b44dfbdabc08f80e00a00b24eeae1d364afd61dc6bdde51f4f6e5fc68
c73b004ebf31b395cf237c3d2b13c1e576f385e04660ceb5f7be163ff3c201dc
cc0d0be46dc79453ec2065c9db6b64acca93650aae08cb040152159e8aff363b
d12d2eb4c32725508715946c49dbacaf1bd979871edea50e82d24b36b42f9d42
d65723532f183ae15671cce642eacd7f97ee3e50889dbbe482e0c79dd4f82c8a
d7d5e54ad1e33d7ab49c664323ced79cb9723ff15e9764cd0edc3e15208e8336
da158543f644d5e4562b2ce0325f1277ec9a8782d42efb16aa2fb6ecfcb6af6c
da3cf5e6c844ed6633bd52f97b83c67a795765ca201aeabd4d4ab99d1eba3cab
e101948e79bbbd2d396e1d4dc8c89830da37f2ff10cf4560b5b21c5b83d24840
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e808e870641a9f01d1d8167c2cafe17a8db7788db1f26077a037415276405d46
ee147e859ad0f09aa50367974e38ab53e7c7054c4a51d400a7f45b0eb251454f
eed0dc1fdb5d97ed188ae16fd5e1024a5bb744af47340346be2146300a6c54b9
f05249deb92608c4e80597b7b77045acb8ef6edc1f3f39e3030a251e9fc29d26
f35b7e87d015762b16fe3b3d936840f07771f6633b52b506e8289384e5620eb5
f485179d3625be76388e607ba445a93b4117c7f4b9ad1e8ae91ac026e892a0d0
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f5c301b8769579afae9deb4eda7659df32661229039c6b7a37cfabd1827317ce
f5cacda73a7b677180e4428c3d0345b49d890c98bd25eb3db239c3f96efbee22
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f768de917195e251ef7cc9fbc7455c61efd0056bf7954c35d035de0a3cebb319

report2017.oprf.ru Open in urlscan Pro 195.208.58.49 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Detected technologies

Page Statistics

60 Requests

65 %HTTPS

94 %IPv6

14 Domains

17 Subdomains

17 IPs

3 Countries

2170 kBTransfer

6409 kBSize

16 Cookies

1 Outgoing links

Redirected requests

60 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 1 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

report2017.oprf.ru Open in urlscan Pro
195.208.58.49 Public Scan

Screenshot
Live screenshot

Full Image

60
Requests

65 %
HTTPS

94 %
IPv6

14
Domains

17
Subdomains

17
IPs

3
Countries

2170 kB
Transfer

6409 kB
Size

16
Cookies

60 HTTP transactions
1 data transactions