bontour.ru Open in urlscan Pro
81.200.112.216 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://bontour.ru/
Effective URL:
https://bontour.ru/
Submission: On March 10 via api (March 10th 2023, 7:19:27 am UTC) from US — Scanned from DE

Summary HTTP 215 Redirects Links 7 Behaviour Indicators

Summary

This website contacted 22 IPs in 6 countries across 19 domains to perform 215 HTTP transactions. The main IP is 81.200.112.216, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is bontour.ru.
TLS certificate: Issued by R3 on January 14th 2023. Valid for: 3 months.

This is the only time bontour.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 27	81.200.112.216 81.200.112.216	198610 (BEGET-AS) (BEGET-AS)
6	2606:4700::68... 2606:4700::6810:5914	13335 (CLOUDFLAR...) (CLOUDFLARENET)
21	2a00:1450:400... 2a00:1450:4001:80b::200a	15169 (GOOGLE) (GOOGLE)
3	2001:4de0:ac1... 2001:4de0:ac18::1:a:2b	20446 (STACKPATH...) (STACKPATH-CDN)
4	31.131.248.50 31.131.248.50	49505 (SELECTEL) (SELECTEL)
2	2a00:1450:400... 2a00:1450:4001:82a::2008	15169 (GOOGLE) (GOOGLE)
2	87.240.132.72 87.240.132.72	47541 (VKONTAKTE...) (VKONTAKTE-SPB-AS vk.com)
5 14	2a02:6b8::1:119 2a02:6b8::1:119	208722 (GLOBAL_DC) (GLOBAL_DC)
20	188.225.80.60 188.225.80.60	9123 (TIMEWEB-AS) (TIMEWEB-AS)
22	2a00:1450:400... 2a00:1450:4001:806::2003	15169 (GOOGLE) (GOOGLE)
9	2a13:1ec0:100... 2a13:1ec0:1000::1073	201589 (EDGEAMLLC) (EDGEAMLLC)
29	37.18.73.104 37.18.73.104	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
2	2a00:1450:400... 2a00:1450:4001:810::200e	15169 (GOOGLE) (GOOGLE)
3	95.163.52.67 95.163.52.67	47764 (VK-AS) (VK-AS)
1	46.243.227.42 46.243.227.42	208677 (SBERCLOUD-AS) (SBERCLOUD-AS)
1	2001:4860:480... 2001:4860:4802:34::36	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:400c:c06::9c	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:829::2003	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:831::2004	15169 (GOOGLE) (GOOGLE)
15	31.131.248.51 31.131.248.51	49505 (SELECTEL) (SELECTEL)
34	2a01:d8:4:5::1a 2a01:d8:4:5::1a	39494 (RU-CENTER-AS) (RU-CENTER-AS)
215	22

27 81.200.112.216 (Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)

bontour.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2606:4700::6810:5914 (United States)

ASN13335 (CLOUDFLARENET, US)

cdn.jsdelivr.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

21 2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2001:4de0:ac18::1:a:2b (Netherlands)

ASN20446 (STACKPATH-CDN, US)

code.jquery.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 31.131.248.50 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)

front.sletat.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
modulesettings.sletat.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:82a::2008 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagmanager.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 87.240.132.72 (Russian Federation)

ASN47541 (VKONTAKTE-SPB-AS vk.com, RU)
PTR: srv72-132-240-87.vk.com

vk.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

14 2a02:6b8::1:119 (Moscow, Russian Federation) 5 redirects

ASN208722 (GLOBAL_DC, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

20 188.225.80.60 (St Petersburg, Russian Federation)

ASN9123 (TIMEWEB-AS, RU)
PTR: worldtradetips.com

bitrix.infoflot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

22 2a00:1450:4001:806::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a13:1ec0:1000::1073 (Armenia)

ASN201589 (EDGEAMLLC, AM)

code.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
code.jivo.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

29 37.18.73.104 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)
PTR: sberlead.ru

c.sberlead.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:810::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google-analytics.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 95.163.52.67 (Russian Federation)

ASN47764 (VK-AS, RU)
PTR: top-fwz1.mail.ru

top-fwz1.mail.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 46.243.227.42 (Russian Federation)

ASN208677 (SBERCLOUD-AS, RU)

node-sber1-az3-3.jivosite.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2001:4860:4802:34::36 (United States)

ASN15169 (GOOGLE, US)

region1.analytics.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:400c:c06::9c (Brussels, Belgium)

ASN15169 (GOOGLE, US)

stats.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:829::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:831::2004 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 31.131.248.51 (St Petersburg, Russian Federation)

ASN49505 (SELECTEL, RU)

module.sletat.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
static.sletat.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

34 2a01:d8:4:5::1a (Russian Federation)

ASN39494 (RU-CENTER-AS, RU)

booking.infoflot.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
54	infoflot.com bitrix.infoflot.com Failed booking.infoflot.com	3 MB
29	sberlead.ru c.sberlead.ru	242 KB
27	bontour.ru 1 redirects bontour.ru	2 MB
22	gstatic.com fonts.gstatic.com	406 KB
21	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 34	17 KB
19	sletat.ru front.sletat.ru module.sletat.ru modulesettings.sletat.ru static.sletat.ru	796 KB
11	yandex.com 3 redirects mc.yandex.com — Cisco Umbrella Rank: 9360	4 KB
7	jivo.ru code.jivo.ru — Cisco Umbrella Rank: 91257	337 KB
6	jsdelivr.net cdn.jsdelivr.net — Cisco Umbrella Rank: 337	171 KB
3	mail.ru top-fwz1.mail.ru — Cisco Umbrella Rank: 10662	16 KB
3	jivosite.com code.jivosite.com — Cisco Umbrella Rank: 30891 node-sber1-az3-3.jivosite.com — Cisco Umbrella Rank: 432626	9 KB
3	yandex.ru 2 redirects mc.yandex.ru — Cisco Umbrella Rank: 3749	73 KB
3	jquery.com code.jquery.com — Cisco Umbrella Rank: 686	142 KB
2	google.de www.google.de — Cisco Umbrella Rank: 6069	515 B
2	doubleclick.net stats.g.doubleclick.net — Cisco Umbrella Rank: 76	401 B
2	google.com region1.analytics.google.com — Cisco Umbrella Rank: 4219 www.google.com — Cisco Umbrella Rank: 2	658 B
2	google-analytics.com www.google-analytics.com — Cisco Umbrella Rank: 25	20 KB
2	vk.com vk.com — Cisco Umbrella Rank: 6203	24 KB
2	googletagmanager.com www.googletagmanager.com — Cisco Umbrella Rank: 42	125 KB
215	19

	Domain	Requested by
34	booking.infoflot.com
29	c.sberlead.ru	bontour.ru front.sletat.ru c.sberlead.ru
27	bontour.ru	1 redirects bontour.ru front.sletat.ru
22	fonts.gstatic.com	fonts.googleapis.com
21	fonts.googleapis.com	bontour.ru bitrix.infoflot.com c.sberlead.ru
20	bitrix.infoflot.com	bontour.ru bitrix.infoflot.com
14	module.sletat.ru	front.sletat.ru
11	mc.yandex.com	3 redirects bontour.ru front.sletat.ru
7	code.jivo.ru	code.jivosite.com bontour.ru
6	cdn.jsdelivr.net	bontour.ru cdn.jsdelivr.net
3	top-fwz1.mail.ru	bontour.ru
3	mc.yandex.ru	2 redirects bontour.ru
3	code.jquery.com	bontour.ru
2	modulesettings.sletat.ru	front.sletat.ru
2	www.google.de	bontour.ru
2	stats.g.doubleclick.net	www.googletagmanager.com www.google-analytics.com
2	www.google-analytics.com	www.googletagmanager.com www.google-analytics.com
2	code.jivosite.com	bontour.ru code.jivosite.com
2	vk.com	bontour.ru
2	www.googletagmanager.com	bontour.ru www.googletagmanager.com
2	front.sletat.ru	bontour.ru front.sletat.ru
1	static.sletat.ru
1	www.google.com	bontour.ru
1	region1.analytics.google.com	www.googletagmanager.com
1	node-sber1-az3-3.jivosite.com	code.jivosite.com
215	25

This site contains links to these domains. Also see Links.

Domain
api.whatsapp.com
www.youtube.com
vk.com
ok.ru
t.me
zen.yandex.ru

Subject Issuer	Validity	Valid
bontour.ru R3	`2023-01-14` - `2023-04-14`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2022-06-02` - `2023-06-01`	a year	crt.sh
upload.video.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.jquery.com Sectigo RSA Domain Validation Secure Server CA	`2022-08-03` - `2023-07-14`	a year	crt.sh
*.sletat.ru GlobalSign GCC R3 DV TLS CA 2020	`2022-05-21` - `2023-06-22`	a year	crt.sh
*.google-analytics.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.vk.com GlobalSign Organization Validation CA - SHA256 - G2	`2022-03-18` - `2023-04-03`	a year	crt.sh
mc.yandex.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-03-30`	5 months	crt.sh
bitrix.infoflot.com R3	`2023-02-10` - `2023-05-11`	3 months	crt.sh
*.gstatic.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.jivosite.com Go Daddy Secure Certificate Authority - G2	`2022-05-26` - `2023-06-04`	a year	crt.sh
*.sberlead.ru AlphaSSL CA - SHA256 - G2	`2022-10-25` - `2023-11-26`	a year	crt.sh
*.mail.ru GlobalSign ECC OV SSL CA 2018	`2022-10-18` - `2023-11-19`	a year	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.de GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
www.google.com GTS CA 1C3	`2023-02-20` - `2023-05-15`	3 months	crt.sh
*.jivo.ru AlphaSSL CA - SHA256 - G2	`2022-05-06` - `2023-06-07`	a year	crt.sh
*.infoflot.com RapidSSL Global TLS RSA4096 SHA256 2022 CA1	`2022-12-01` - `2023-11-30`	a year	crt.sh

This page contains 3 frames:

Primary Page: https://bontour.ru/
Frame ID: 11023919ED962B8901A2E8131C15B5A2
Requests: 137 HTTP requests in this frame

Frame: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
Frame ID: 8D27AF9AEC7CA8DC96FA9A31841CD864
Requests: 64 HTTP requests in this frame

Frame: https://code.jivo.ru/js/869b0ec/omnichannelMenu.js
Frame ID: A71E58C834E7A210AFD7B3409DAF510E
Requests: 1 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

Экскурсионные туры – интересные маршруты, приятные цены | «Бон тур»

Page URL History Show full URLs

http://bontour.ru/ Page URL
http://bontour.ru/ HTTP 301
https://bontour.ru/ Page URL

Detected technologies

Bootstrap (Web Frameworks) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]*?bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.css
bootstrap(?:[^>]*?([0-9a-fA-F]{7,40}|[\d]+(?:.[\d]+(?:.[\d]+)?)?)|)[^>]*?(?:\.min)?\.js

Google Analytics (Analytics) Expand

Overall confidence: 100%
Detected patterns

google-analytics\.com/(?:ga|urchin|analytics)\.js

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Google Tag Manager (Tag Managers) Expand

Overall confidence: 100%
Detected patterns

googletagmanager\.com/ns\.html[^>]+></iframe>
googletagmanager\.com/gtm\.js
googletagmanager\.com/gtag/js

Select2 (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

select2(?:\.min|\.full)?\.js

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

jquery[.-]([\d.]*\d)[^/]*\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

jsDelivr (CDN) Expand

Overall confidence: 100%
Detected patterns

<link [^>]*?href="?[a-zA-Z]*?:?//cdn\.jsdelivr\.net/
//cdn\.jsdelivr\.net/

Page Statistics

215
Requests

98 %
HTTPS

62 %
IPv6

19
Domains

25
Subdomains

22
IPs

6
Countries

7499 kB
Transfer

16565 kB
Size

26
Cookies

7 Outgoing links

These are links going to different origins than the main page.

URL: https://api.whatsapp.com/send/?phone=79062267635

Search URL Search Domain Scan URL

URL: https://www.youtube.com/user/bontourchannel

Search URL Search Domain Scan URL

URL: https://vk.com/bontour

Search URL Search Domain Scan URL

URL: https://ok.ru/bontyr

Search URL Search Domain Scan URL

URL: https://t.me/bontourmsk

Search URL Search Domain Scan URL

URL: https://zen.yandex.ru/id/602a50aad131974df273cde4

Search URL Search Domain Scan URL

URL: https://vk.com/im?sel=-19957947
Title: Сообщение ВКонтактеОбычно отвечаем в течение нескольких минут

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://bontour.ru/ Page URL
http://bontour.ru/ HTTP 301
https://bontour.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 66

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9938.PnNc2ExBVKmofquf9XLbUuJLQiOlN3N3PT5SHv110XgaZVAGl28EbC6TzcgsPD3j.ILw_4bLs9lYT-lKaDyJ9Op15KXY%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9938.GYYm561Nlifrz9PnSgMtbc-ElnBqD6ddogHVO1FCPr-fHQ_SuK5nds57-egeEI9Jc3e6OsifPYsreUzye2FDm7o6YeJbidGznAWuIzkO3MU%2C.ITYg1_a8zxNu4H1djAOjvZ1mbF0%2C

Request Chain 80

https://mc.yandex.com/watch/26037942?wmode=7&page-url=https%3A%2F%2Fbontour.ru%2F&page-ref=http%3A%2F%2Fbontour.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A53171386992%3Ahid%3A906532019%3Az%3A0%3Ai%3A20230310071920%3Aet%3A1678432760%3Ac%3A1%3Arn%3A856781070%3Arqn%3A1%3Au%3A1678432760858097477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C126%2C253%2C1%2C73%2C0%2C%2C291%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678432759525%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678432761%3At%3A%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/26037942/1?wmode=7&page-url=https%3A%2F%2Fbontour.ru%2F&page-ref=http%3A%2F%2Fbontour.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A53171386992%3Ahid%3A906532019%3Az%3A0%3Ai%3A20230310071920%3Aet%3A1678432760%3Ac%3A1%3Arn%3A856781070%3Arqn%3A1%3Au%3A1678432760858097477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C126%2C253%2C1%2C73%2C0%2C%2C291%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678432759525%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678432761%3At%3A%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Request Chain 86

https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9938.aHOkbU96dJQ5yrchJSKbjig8Xpn-g2jbCL8rWJp9SD1uI3wzyL5bDBUACxRSzVg2.qZ2Ur2SNfdkK35USRPE50x10pVA%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9938.KkRyuES2IWgGCGiei7T1RCHjkDzNz3ROXzJvDosPgHBvwvz89BpV08KvdPGnBAJvEEfRRyLXIuflCJZqMWbYKQYd8c3jO5fw2dAfuWKsZ4o%2C.tSj55LzYnLnRt42R4kA4wmledbQ%2C

215 HTTP transactions
8 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK /
bontour.ru/ 274 B
546 B 155ms
54ms Document
text/html 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: http://bontour.ru/
Protocol: HTTP/1.1
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

Accept-Ranges: bytes
Connection: keep-alive
Content-Length: 274
Content-Type: text/html
Date: Fri, 10 Mar 2023 07:19:19 GMT
ETag: "5f1f0984-112"
Keep-Alive: timeout=30
Last-Modified: Mon, 27 Jul 2020 17:06:12 GMT
Server: nginx-reuseport/1.21.1

GET
H2

200

Primary Request / Show response
bontour.ru/
Redirect Chain

http://bontour.ru/
https://bontour.ru/

43 KB
13 KB

379ms
253ms

Document
text/html

81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/
Requested by: Host: bontour.ru
URL: http://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 / PHP/5.3.29
Resource Hash: 09a6e67d7219eb33f59cabadd73e390867333f7b222938698d6f63889b4d197b

Request headers

Referer: http://bontour.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-encoding: gzip
content-type: text/html
date: Fri, 10 Mar 2023 07:19:19 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
pragma: no-cache
server: nginx-reuseport/1.21.1
vary: Accept-Encoding
x-powered-by: PHP/5.3.29

Redirect headers

Connection: keep-alive
Content-Length: 301
Content-Type: text/html; charset=iso-8859-1
Date: Fri, 10 Mar 2023 07:19:19 GMT
Keep-Alive: timeout=30
Location: https://bontour.ru/
Server: nginx-reuseport/1.21.1

GET
H2 200 bootstrap.min.css
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/ 152 KB
25 KB 39ms
17ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bontour.ru/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1377941
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230097-FRA, cache-yyz4521-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"260c5-fByeBXPlzqi603M74vxjqoxo6o0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=nb7Q%2FnTUhbPNSGxMccKuXUb022Z9SFQDywb6Y7DQU4n%2FYcxTt24roYRkWL9mljcObh1TgRDW7wh3V5p41vGxx3qkM1PJpXGRIDuZppy39usNPb1UnLccbe30fPP%2FapwAv7oXA6WgkxyPVo3gM0Y%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a59c9ee0803904c-FRA

GET
H2 200 bootstrap-icons.css
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.1/font/ 72 KB
10 KB 38ms
16ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.1/font/bootstrap-icons.css

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

be31fb55d198f0a2bc969e70857e7ab9388e6dce6f26c2bea85a6cd827eae666

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1377923
x-jsd-version: 1.7.1
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230064-FRA, cache-yyz4558-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"11e37-2BuzfflUYTrGXGJG+W0eXAs5FMI"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=dsWK%2Fel7gUZpOiToVF4HItjBf1UcuIwK%2BngXPAL7L4aiF%2F9AbwjfSKXX1HJmtXMaPPD5slpIq5ZDHcTYckfmpfC4E%2BJ5L4xvxOxUQNFSqJll3Je698Yib%2BTBOA3o9NTjUZY%2Bj6ET%2FaJZIC%2Fd1GI%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a59c9ee0e803a82-FRA

GET
H2 200 css2
fonts.googleapis.com/ 6 KB
1 KB 43ms
16ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

48f3941ff683ad084b452d3409e9afa51399c151e3a8a3599070f6d58e25d243

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:03:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:20 GMT

GET
H2 200 custom.css
bontour.ru/assets/css/ 66 KB
20 KB 67ms
64ms Stylesheet
text/css 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/assets/css/custom.css
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 0fa75c4b7aacc2930755b523f2fe513caa612ee13b3f085f30a325dfd1e6a2ec

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:19 GMT
content-encoding: gzip
last-modified: Wed, 18 Jan 2023 12:05:29 GMT
server: nginx-reuseport/1.21.1
etag: W/"63c7e089-107ab"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:19 GMT

GET
H2 200 select2.min.css
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/ 16 KB
3 KB 36ms
15ms Stylesheet
text/css 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1377943
x-jsd-version: 4.1.0-rc.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230031-FRA, cache-yyz4539-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"3f88-kT+fe5U1rseQyjzp1uNaz682mZM"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=krs9H3rEoOOjIyLbV6CLT%2Fvyz7xDUGHNNK8nfobrwFgA4henvfXFIj7dPGc31%2BUKclsWgx2VfI%2FQqYHFG0Mck1xtQvc7IyHu2f2Snbs0tVx%2BrHS698kuHXJgVtfv%2B3vkvh7VgTziqOriZmDi0aY%3D"}],"group":"cf-nel","max_age":604800}
content-type: text/css; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a59c9ee0e813a82-FRA

GET
H2 200 jquery.min.js Show response
code.jquery.com/ 94 KB
33 KB 41ms
12ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery.min.js
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-1764d"
vary: Accept-Encoding
x-hw: 1678432760.dop138.fr8.t,1678432760.cds229.fr8.hn,1678432760.cds103.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 33226

GET
H2 200 jquery-1.10.2.js Show response
code.jquery.com/ 267 KB
79 KB 48ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-1.10.2.js
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: 8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Fri, 12 Aug 2022 13:47:01 GMT
server: nginx
etag: W/"62f659d5-42b2f"
vary: Accept-Encoding
x-hw: 1678432760.dop138.fr8.t,1678432760.cds229.fr8.hn,1678432760.cds235.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 80743

GET
H2 200 main_new.js Show response
bontour.ru/templates/main_page/js/ 11 KB
3 KB 66ms
64ms Script
application/x-javascript 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/templates/main_page/js/main_new.js?908dde24faa5dd041a6dddcd8c4106dd39175bac
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 738dd861edebcae3f80a3a947e183216c1eaa4029ef6026d1f76997ac02550a9

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:19 GMT
content-encoding: gzip
last-modified: Fri, 20 Jan 2023 15:23:20 GMT
server: nginx-reuseport/1.21.1
etag: W/"63cab1e8-2b26"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:19 GMT

GET
H2 200 payment.js Show response
bontour.ru/templates/main_page/js/ 8 KB
2 KB 66ms
65ms Script
application/x-javascript 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/templates/main_page/js/payment.js?908dde24faa5dd041a6dddcd8c4106dd39175bac
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: e2a08fcf21bc578269fa56dd872caad03f7216f76040b52f1e0f17881028c5bc

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:19 GMT
content-encoding: gzip
last-modified: Mon, 12 Dec 2022 15:24:51 GMT
server: nginx-reuseport/1.21.1
etag: W/"639747c3-1f88"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:19 GMT

GET
H2 200 datepicker.min.css
bontour.ru/assets/css/ 12 KB
2 KB 65ms
64ms Stylesheet
text/css 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/assets/css/datepicker.min.css
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: ab4c1983343a46eebbc7ea487bd200cedae7947347c99ba2dc1330a946039e92

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:19 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 14:16:37 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a63245-2fe1"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:19 GMT

GET
H2 200 datepicker.min.js Show response
bontour.ru/assets/js/ 35 KB
10 KB 66ms
65ms Script
application/x-javascript 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/assets/js/datepicker.min.js
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: d29ad0c45b5d59035adef5b924331bbdb069e9e84acdff54216a851992163cf1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:19 GMT
content-encoding: gzip
last-modified: Tue, 30 Nov 2021 14:16:44 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a6324c-8ad6"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:19 GMT

GET
H2 200 logo.svg
bontour.ru/img/ 12 KB
5 KB 77ms
66ms Image
image/svg+xml 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/logo.svg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 239150a07190e8e9d04385f38cb1a30afc4ef5cade4bbd2d0a9db5d7d31d4c9d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a40720-2e63"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
H2 200 bus.svg
bontour.ru/img/ 2 KB
849 B 77ms
67ms Image
image/svg+xml 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/bus.svg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 361aec8d77f670e1b17b3cac12f67ac227cf1683a286c3bc1aeb62c4f5ed76cd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a40720-6a1"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
H2 200 plane.svg
bontour.ru/img/ 859 B
641 B 77ms
67ms Image
image/svg+xml 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/plane.svg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: bbb5ec2ae39cd850155bed6bafa098b5c2d4059fae38395f2a9eb8160c4863ed

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a40720-35b"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
H2 200 ship.svg
bontour.ru/img/ 2 KB
1 KB 77ms
68ms Image
image/svg+xml 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/ship.svg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: aa4574e5fec0b4987cf9a0dfbeb30e23a41ac2a2805f96df6d4bd1d35ec34edd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Thu, 09 Dec 2021 14:56:02 GMT
server: nginx-reuseport/1.21.1
etag: W/"61b21902-766"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
H2 200 check.svg
bontour.ru/img/ 595 B
544 B 77ms
68ms Image
image/svg+xml 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/check.svg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 83ea34e08eaf382125ac8865d53ec5c3037ab286c5d2c88db6b63664ef4e1b28

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a40720-253"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
H2 200 percent.svg
bontour.ru/img/ 687 B
589 B 78ms
68ms Image
image/svg+xml 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/percent.svg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 173d4c89910e26f52388434cfd4a200f66ec779b212e33e34c78f7247bba37f4

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a40720-2af"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
H2 200 module.js Show response
front.sletat.ru/modules/module6/latest/ 2 MB
350 KB 271ms
58ms Script
application/javascript 31.131.248.50
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://front.sletat.ru/modules/module6/latest/module.js

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.50 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

6a43f38ecd96ed1e24d6fc79c99f42276185bcd4eb9d66ecbb82720600574ebf

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 12:49:42 GMT
server: nginx
content-encoding: br
etag: W/"64009b66-1b244c"
expect-ct: max-age=86400, enforce, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
x-frame-options: SAMEORIGIN
vary: Origin, Host
content-type: application/javascript
cache-control: max-age=3600
x-xss-protection: 1; mode=block
expires: Fri, 10 Mar 2023 08:19:20 GMT

GET
H2 200 cards.jpg
bontour.ru/img/ 9 KB
9 KB 78ms
69ms Image
image/jpeg 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/cards.jpg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 5e5f9f937f297e0278dce0115a1829bc1939951fca50c698ffac032d6b798f82

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: "61a40720-22d4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8916
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 bootstrap.bundle.min.js Show response
cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/ 77 KB
23 KB 17ms
16ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/js/bootstrap.bundle.min.js

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bontour.ru/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1377943
x-jsd-version: 5.0.2
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra19144-FRA, cache-yyz4559-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"13397-kBFpUnUH/55mLPZNjjYfNZMIlw0"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=9g4Kbbfbbq3qpvYSi%2BnRGx74SwMCWt5M8QXzCgh7aRwoQpG%2B0KkK0DXBFQvElLHuenGggacOpBbGnSFfWVkHEAnOMBoTfegIAtfLFOOZIqDRO74XXFw43qscNsrHOUNZOBdEwW4u8uYD%2BvimM40%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a59c9eeb8c5904c-FRA

GET
H2 200 jquery-3.6.0.min.js Show response
code.jquery.com/ 87 KB
30 KB 55ms
19ms Script
application/javascript 2001:4de0:ac18::1:a:2b
STACKPATH-CDN

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jquery.com/jquery-3.6.0.min.js
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4de0:ac18::1:a:2b , Netherlands, ASN20446 (STACKPATH-CDN, US),
Reverse DNS
Software: nginx /
Resource Hash: ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e

Request headers

Referer: https://bontour.ru/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Fri, 20 Aug 2021 17:47:53 GMT
server: nginx
etag: W/"611feac9-15d9d"
vary: Accept-Encoding
x-hw: 1678432760.dop235.fr8.t,1678432760.cds318.fr8.hn,1678432760.cds144.fr8.c
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: max-age=315360000, public
accept-ranges: bytes
content-length: 30875

GET
H2 200 custom.js Show response
bontour.ru/assets/js/ 1 KB
806 B 66ms
56ms Script
application/x-javascript 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/assets/js/custom.js
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 6d520a7b3c4b05e4cf668da7504010f75c0b95a01664e3b84690e99d627fd9af

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a40720-577"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
H2 200 jquery.maskedinput.js Show response
bontour.ru/templates/main_page/js/ 10 KB
3 KB 77ms
66ms Script
application/x-javascript 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/templates/main_page/js/jquery.maskedinput.js
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a40720-2902"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
H2 200 select2.min.js Show response
cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/ 71 KB
20 KB 29ms
18ms Script
application/javascript 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1377942
x-jsd-version: 4.1.0-rc.0
content-encoding: br
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
x-served-by: cache-fra-eddf8230125-FRA, cache-jnb7026-JNB
x-jsd-version-type: version
server: cloudflare
etag: W/"11dcb-beEOdKmS/KFegD2RDRMPgmYxy4Y"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=NIEo1xNfVdE0E1oDCY5DkYseY18%2B01ctKsvAqUC%2BqkDl39A635SCPRAjpAjQCnl3eOuA0k7rp3uCpUAHXvWgsNC2o3ZExQ0Z5pieUYtFFizJIdaL4ZAUA4HYHQJdCMJBSyDcK55id%2BuCN%2BuoHn0%3D"}],"group":"cf-nel","max_age":604800}
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
timing-allow-origin: *
cf-ray: 7a59c9eecf513a82-FRA

GET
H2 200 gtm.js Show response
www.googletagmanager.com/ 122 KB
47 KB 62ms
26ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtm.js?id=GTM-5X4L87T

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

a9b067c295933b009389e9febe65ad992e5b3fd54e05c10b467d77ed6ea2351c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 48195
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:00:00 GMT
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
access-control-allow-headers: Cache-Control
expires: Fri, 10 Mar 2023 07:19:20 GMT

GET
H2 200 openapi.js Show response
vk.com/js/api/ 104 KB
23 KB 165ms
38ms Script
application/x-javascript 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to

Full URL: https://vk.com/js/api/openapi.js?169
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),
Reverse DNS: srv72-132-240-87.vk.com
Software: kittenx /
Resource Hash: 2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: br
x-frontend: front220204
last-modified: Fri, 02 Dec 2022 07:14:40 GMT
server: kittenx
etag: "6389a5e0-5b16"
content-type: application/x-javascript
access-control-expose-headers: X-Frontend
cache-control: max-age=345600
content-length: 23318
expires: Tue, 14 Mar 2023 07:19:20 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 211 KB
73 KB 209ms
99ms Script
application/javascript 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-11fef"
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 73711
expires: Fri, 10 Mar 2023 08:19:20 GMT

GET /
bitrix.infoflot.com/rest/api/search.filter/ Frame 8D27 0
0

GET
H2 200 / Show response
bitrix.infoflot.com/rest/api/search.filter/ Frame 8D27 3 KB
2 KB 306ms
147ms Document
text/html 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

fc4b6fe5ab5ba13bbf8926a5388785b51f845ca15e877209e4be6f8622a96fb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bontour.ru/
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
accept-language: de-DE,de;q=0.9

Response headers

accept: text/html
access-control-allow-credentials: true
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
content-encoding: gzip
content-type: text/html; charset=UTF-8
date: Fri, 10 Mar 2023 07:19:20 GMT
expires: Thu, 19 Nov 1981 08:52:00 GMT
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
pragma: no-cache
server: nginx
vary: HTTPS
x-content-type-options: nosniff
x-powered-cms: Bitrix Site Manager (80c3edb7948e58670f711726251d67e3)

GET
H2 200 bodybg.svg
bontour.ru/img/ 698 B
615 B 66ms
65ms Image
image/svg+xml 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/bodybg.svg
Requested by: Host: bontour.ru
URL: https://bontour.ru/assets/css/custom.css
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7c2c86e10a65e5ab57166e5e9124d47f90e582eba901aaccffc032b9eba46d5b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/assets/css/custom.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: W/"61a40720-2ba"
vary: Accept-Encoding
content-type: image/svg+xml
cache-control: max-age=604800
expires: Fri, 17 Mar 2023 07:19:20 GMT

GET
DATA 200
OK truncated
/ 183 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 8442.webp
bontour.ru/images/slider/ 69 KB
69 KB 105ms
104ms Image
image/webp 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/images/slider/8442.webp
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 2273a563ad580e71134f573d062216a6e9be7b12a7de638e7549c0ab4e750a5d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Tue, 07 Mar 2023 09:38:04 GMT
server: nginx-reuseport/1.21.1
etag: "640705fc-11246"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 70214
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 21362.webp
bontour.ru/images/slider/ 53 KB
53 KB 105ms
104ms Image
image/webp 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/images/slider/21362.webp
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: f4d5b4d88a4b904e2c3b1fb7d3f9ce5245872b11a3e635eb30caa08415930d8e

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Wed, 01 Feb 2023 14:01:46 GMT
server: nginx-reuseport/1.21.1
etag: "63da70ca-d4b6"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 54454
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 21140.webp
bontour.ru/images/slider/ 56 KB
56 KB 105ms
104ms Image
image/webp 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/images/slider/21140.webp
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 67fd641216208634989f2b7a2735b1a0b2c2d45e70837f346cebd0fc8a31f8ea

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Tue, 28 Feb 2023 10:44:22 GMT
server: nginx-reuseport/1.21.1
etag: "63fddb06-dfb8"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 57272
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 21431.webp
bontour.ru/images/slider/ 64 KB
64 KB 105ms
105ms Image
image/webp 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/images/slider/21431.webp
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: e976a6ddb4553c51f633b7e40ed0800ad18186a38cd8e68d3b1dbd9d3698b47a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Fri, 03 Mar 2023 11:42:15 GMT
server: nginx-reuseport/1.21.1
etag: "6401dd17-fecc"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 65228
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
DATA 200
OK truncated
/ 207 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 208 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 362 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 79c729b62410e675e6629dac39332d2119d355c84d803d40c4af4a94577878a2

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 active.jpg
bontour.ru/img/ 832 KB
834 KB 102ms
94ms Image
image/jpeg 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/active.jpg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: e13da2ba4f2b847553a4f925238ccc1de13e72870053284b91b7bf59ffe11aa7

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Sat, 14 May 2022 14:34:09 GMT
server: nginx-reuseport/1.21.1
etag: "627fbde1-d01ff"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 852479
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 may.webp
bontour.ru/img/ 44 KB
44 KB 102ms
94ms Image
image/webp 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/may.webp
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: cf42dfa9fa14fe9486252c3f7da16d64aa2397a84f2e152632cc806335602bb1

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Wed, 02 Mar 2022 12:18:29 GMT
server: nginx-reuseport/1.21.1
etag: "621f6095-b036"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 45110
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 bus.webp
bontour.ru/img/ 13 KB
13 KB 102ms
94ms Image
image/webp 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/bus.webp
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 73b76228a813f0146c3f4c313bfb7f966f44f7eb93dd8611ca475eda3efcc173

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Thu, 02 Feb 2023 14:58:21 GMT
server: nginx-reuseport/1.21.1
etag: "63dbcf8d-328c"
content-type: image/webp
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12940
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
10 KB 54ms
20ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:04:49 GMT
x-content-type-options: nosniff
age: 83671
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 08:04:49 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 42ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 596489
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H3 200 bootstrap-icons.woff2
cdn.jsdelivr.net/npm/bootstrap-icons@1.7.1/font/fonts/ 90 KB
91 KB 21ms
15ms Font
font/woff2 2606:4700::6810:5914
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.1/font/fonts/bootstrap-icons.woff2?a74547b2f0863226942ff8ded57db345

Requested by

Host: cdn.jsdelivr.net
URL: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.1/font/bootstrap-icons.css

Protocol

Security

QUIC, , AES_128_GCM

Server

2606:4700::6810:5914 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

6e30be95c88e3acf121f68a271f54b13af21cd26e311fe37df694874edfd48c7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://cdn.jsdelivr.net/npm/bootstrap-icons@1.7.1/font/bootstrap-icons.css
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains; preload
x-content-type-options: nosniff
cf-cache-status: HIT
nel: {"success_fraction":0.01,"report_to":"cf-nel","max_age":604800}
age: 1377915
x-jsd-version: 1.7.1
x-cache: HIT, HIT
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=86400, h3-29=":443"; ma=86400
content-length: 92004
x-served-by: cache-fra-eddf8230082-FRA, cache-yyz4567-YYZ
x-jsd-version-type: version
server: cloudflare
etag: W/"16764-5cA/1NBxXTpZ21/bpKGTdM88yd4"
vary: Accept-Encoding
report-to: {"endpoints":[{"url":"https:\/\/a.nel.cloudflare.com\/report\/v3?s=12KnXdy8UC1T%2FjmfBg9qT7U%2B5aoYSOD8XEQ1P4p6JMFtXgTvZPz2oI3reDM0d1TtzVXvOUtEgqIXvZU9qZLt7i%2BycEvGHjN3KK5yXmTnCAl3ifnWqa8IMgiDSeucmShSZgy2Rf0WC1NhqCKX7sc%3D"}],"group":"cf-nel","max_age":604800}
content-type: font/woff2
access-control-allow-origin: *
access-control-expose-headers: *
cache-control: public, max-age=31536000, s-maxage=31536000, immutable
accept-ranges: bytes
timing-allow-origin: *
cf-ray: 7a59c9eeec023803-FRA

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 54ms
21ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 366614
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 30ms
10ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:47:40 GMT
x-content-type-options: nosniff
age: 81100
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 08:47:40 GMT

GET
H2 200 915FnOV2Bu Show response
code.jivosite.com/script/widget/ 17 KB
6 KB 75ms
10ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/915FnOV2Bu
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 9cc6fead79b723d054a932024d3d8971832565a64c7eb79d19ff529711f86b19

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2023-03-10T06:41:03+00:00
x-geo-shard: sber1
content-length: 6025
last-modified: Mon, 06 Mar 2023 12:34:40 GMT
server: nginx
etag: "6405dde0-1789"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
expires: Fri, 10 Mar 2023 08:41:03 GMT

GET
H2 200 clickstream.bundle.js Show response
c.sberlead.ru/ 196 KB
65 KB 787ms
43ms Script
application/javascript 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream.bundle.js

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

04a32a01bcef264c98a7125b2d0461eeab8b92c58fddcfffa4216eb7b925d284

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 Mar 2023 14:03:36 GMT
server: nginx/1.21.6
etag: W/"64074438-311b1"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
expires: Sat, 11 Mar 2023 07:19:20 GMT

GET
H2 200 footer-bg.jpg
bontour.ru/img/ 447 KB
448 KB 238ms
238ms Image
image/jpeg 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://bontour.ru/img/footer-bg.jpg
Requested by: Host: bontour.ru
URL: https://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 /
Resource Hash: 50cb67053b49ad7436c3c2ecbae6d2df1f6cd24b66613020f78edb1818dafa59

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
last-modified: Sun, 28 Nov 2021 22:48:00 GMT
server: nginx-reuseport/1.21.1
etag: "61a40720-6fcac"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 457900
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
DATA 200
OK truncated
/ 822 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cf9af87c780a541b435b62d70cdb32570c49fbc8108fdbba4274d84125711b2c

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 803 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 6fba15e4ebe3e5a61b0b98d71f778f090d93c42aa003dfa18bacdfa991523cfc

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 561 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: a966ed0ca0d951d32060effb354936830dfd58ab0687d5489efc1cdc424cbb2f

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 11ms
10ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:12:37 GMT
x-content-type-options: nosniff
age: 137203
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 17:12:37 GMT

GET
H2 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:wght@300;400;700&display=swap

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 3610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 06:19:10 GMT

GET
H2 200 analytics.js Show response
www.google-analytics.com/ 49 KB
20 KB 35ms
7ms Script
text/javascript 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/analytics.js

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X4L87T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=10886400; includeSubDomains; preload
content-encoding: gzip
x-content-type-options: nosniff
date: Fri, 10 Mar 2023 06:14:50 GMT
last-modified: Tue, 10 Jan 2023 21:29:14 GMT
server: Golfe2
age: 3870
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7200
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20085
expires: Fri, 10 Mar 2023 08:14:50 GMT

GET
H2 200 code.js Show response
top-fwz1.mail.ru/js/ 33 KB
15 KB 170ms
54ms Script
application/javascript 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://top-fwz1.mail.ru/js/code.js

Requested by

Host: bontour.ru
URL: http://bontour.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
amp-access-control-allow-source-origin: *
last-modified: Wed, 11 Jan 2023 13:29:54 GMT
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
etag: W/"63beb9d2-85cc"
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: application/javascript
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: max-age=3600, private
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *
expires: Fri, 10 Mar 2023 08:19:20 GMT

GET
H2 200 js Show response
www.googletagmanager.com/gtag/ 222 KB
78 KB 27ms
27ms Script
application/javascript 2a00:1450:4001:82a::2008
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagmanager.com/gtag/js?id=G-9E8Q5PRV6V&l=dataLayer&cx=c

Requested by

Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtm.js?id=GTM-5X4L87T

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Google Tag Manager /

Resource Hash

041c6681a45e699e733ccc0f047048d8a7c7bd0683d7ec8726abc5b6a5781caa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: br
strict-transport-security: max-age=31536000; includeSubDomains
server: Google Tag Manager
vary: Accept-Encoding
content-type: application/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: private, max-age=900
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
access-control-allow-headers: Cache-Control
content-length: 79591
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
expires: Fri, 10 Mar 2023 07:19:20 GMT

GET
H2 200 915FnOV2Bu Show response
code.jivosite.com/script/widget/config/ 5 KB
2 KB 25ms
8ms XHR
application/x-javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivosite.com/script/widget/config/915FnOV2Bu
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/915FnOV2Bu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 98fc48396daf6742203aaeca0c0bf2637c2b43411452aaf72be0f373023b675d

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
via: 1.1 sharxy
server: nginx
vary: Accept-Encoding
x-cached-since: 2023-03-10T05:57:30+00:00
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: max-age=7200
cache: HIT
accept-ranges: bytes
x-geo-shard: sber1
content-length: 1792
expires: Fri, 10 Mar 2023 07:57:30 GMT

GET
H2 200 915FnOV2Bu Show response
node-sber1-az3-3.jivosite.com/widget/status/326582/ 198 B
520 B 141ms
42ms XHR
application/json 46.243.227.42
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://node-sber1-az3-3.jivosite.com/widget/status/326582/915FnOV2Bu?rnd=0.779136610408188

Requested by

Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/915FnOV2Bu

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

46.243.227.42 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

Software

foxy/2.0.1 /

Resource Hash

9906534230828b2ea67af9b9d589e1b1c8dac175282d2ed3e15aa23dbac9f303

Security Headers

Name	Value
Content-Security-Policy	frame-ancestors 'none';
X-Frame-Options	DENY

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
content-security-policy: frame-ancestors 'none';
date: Fri, 10 Mar 2023 07:19:20 GMT
server: foxy/2.0.1
x-botmode: no
x-geoip: DE;BY;Nuremberg
x-frame-options: DENY
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bontour.ru
access-control-expose-headers: X-Geoip, X-Botmode
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
access-control-allow-max-age: 1728000
content-length: 198

POST
H2 200 collect Show response
www.google-analytics.com/j/ 4 B
205 B 15ms
14ms XHR
text/plain 2a00:1450:4001:810::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.google-analytics.com/j/collect?v=1&_v=j99&a=1082084701&t=pageview&_s=1&dl=https%3A%2F%2Fbontour.ru%2F&ul=en-us&de=UTF-8&dt=%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAEABAAAAACAAI~&jid=568573470&gjid=1898687265&cid=11606577.1678432760&tid=UA-91619081-1&_gid=1850787857.1678432760&_r=1&_slc=1&gtm=45He3360n815X4L87T&z=1473294262

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bontour.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
region1.analytics.google.com/g/ 0
250 B 45ms
14ms Ping
text/plain 2001:4860:4802:34::36
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://region1.analytics.google.com/g/collect?v=2&tid=G-9E8Q5PRV6V&gtm=45je3360&_p=1082084701&_gaz=1&cid=11606577.1678432760&ul=en-us&sr=1600x1200&uaa=&uab=&uafvl=&uamb=0&uam=&uap=&uapv=&uaw=0&_s=1&sid=1678432760&sct=1&seg=0&dl=https%3A%2F%2Fbontour.ru%2F&dr=http%3A%2F%2Fbontour.ru%2F&dt=%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB&en=page_view&_fv=1&_ss=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9E8Q5PRV6V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2001:4860:4802:34::36 , United States, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bontour.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 204 collect
stats.g.doubleclick.net/g/ 0
56 B 59ms
20ms Ping
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL: https://stats.g.doubleclick.net/g/collect?v=2&tid=G-9E8Q5PRV6V&cid=11606577.1678432760&gtm=45je3360&aip=1
Requested by: Host: www.googletagmanager.com
URL: https://www.googletagmanager.com/gtag/js?id=G-9E8Q5PRV6V&l=dataLayer&cx=c
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),
Reverse DNS
Software: Golfe2 /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:20 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bontour.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
408 B 50ms
20ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?v=1&t=sr&slf_rd=1&_r=4&tid=G-9E8Q5PRV6V&cid=11606577.1678432760&gtm=45je3360&aip=1&z=155603879

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 collect Show response
stats.g.doubleclick.net/j/ 4 B
345 B 47ms
19ms XHR
text/plain 2a00:1450:400c:c06::9c
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j99&tid=UA-91619081-1&cid=11606577.1678432760&jid=568573470&gjid=1898687265&_gid=1850787857.1678432760&_u=YEBAAEAAAAAAACAAI~&z=1744971633

Requested by

Host: www.google-analytics.com
URL: https://www.google-analytics.com/analytics.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400c:c06::9c Brussels, Belgium, ASN15169 (GOOGLE, US),

Reverse DNS

Software

Golfe2 /

Resource Hash

84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80

Security Headers

Name	Value
Strict-Transport-Security	max-age=10886400; includeSubDomains; preload
X-Content-Type-Options	nosniff

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
strict-transport-security: max-age=10886400; includeSubDomains; preload
date: Fri, 10 Mar 2023 07:19:20 GMT
x-content-type-options: nosniff
last-modified: Sun, 17 May 1998 03:00:00 GMT
server: Golfe2
content-type: text/plain
access-control-allow-origin: https://bontour.ru
cache-control: no-cache, no-store, must-revalidate
access-control-allow-credentials: true
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 4
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 rtrg
vk.com/ 49 B
576 B 50ms
50ms Image
image/gif 87.240.132.72
VKONTAKTE-SPB-AS ...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://vk.com/rtrg?p=VK-RTRG-1567155-3lDUb&metatag_url=https%3A%2F%2Fbontour.ru%2F&metatag_title=%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

87.240.132.72 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS vk.com, RU),

Reverse DNS

srv72-132-240-87.vk.com

Software

kittenx / KPHP/7.4.113472

Resource Hash

2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef

Security Headers

Name	Value
Strict-Transport-Security	max-age=15768000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-frontend: front220204
strict-transport-security: max-age=15768000
server: kittenx
x-powered-by: KPHP/7.4.113472
content-type: image/gif
access-control-expose-headers: X-Frontend
cache-control: no-store
content-length: 65

GET
H2

200

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9938.PnNc2ExBVKmofquf9XLbUuJLQiOlN3N3PT5SHv110XgaZVAGl28EbC6TzcgsPD3j.ILw_4bLs9lYT-lKaDyJ9Op15KXY%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9938.GYYm561Nlifrz9PnSgMtbc-ElnBqD6ddogHVO1FCPr-fHQ_SuK5nds57-egeEI9Jc3e6OsifPYsreUzye2FDm7o6YeJbidGznAWuIzkO3MU%2C.ITYg1_a8zxNu4H1djAOjvZ1mbF0%2C

43 B
67 B

51ms
51ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9938.GYYm561Nlifrz9PnSgMtbc-ElnBqD6ddogHVO1FCPr-fHQ_SuK5nds57-egeEI9Jc3e6OsifPYsreUzye2FDm7o6YeJbidGznAWuIzkO3MU%2C.ITYg1_a8zxNu4H1djAOjvZ1mbF0%2C

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9938.GYYm561Nlifrz9PnSgMtbc-ElnBqD6ddogHVO1FCPr-fHQ_SuK5nds57-egeEI9Jc3e6OsifPYsreUzye2FDm7o6YeJbidGznAWuIzkO3MU%2C.ITYg1_a8zxNu4H1djAOjvZ1mbF0%2C
date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
113 B 56ms
56ms Image
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000
last-modified: Tue, 07 Mar 2023 10:05:49 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag: "6406e24d-2b"
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Fri, 10 Mar 2023 08:19:20 GMT

GET
H2 200 ga-audiences
www.google.com/ads/ 42 B
408 B 52ms
22ms Image
image/gif 2a00:1450:4001:831::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-91619081-1&cid=11606577.1678432760&jid=568573470&_u=YEBAAEAAAAAAACAAI~&z=253731116

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:831::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 ga-audiences
www.google.de/ads/ 42 B
107 B 20ms
19ms Image
image/gif 2a00:1450:4001:829::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.de/ads/ga-audiences?t=sr&aip=1&_r=4&slf_rd=1&v=1&_v=j99&tid=UA-91619081-1&cid=11606577.1678432760&jid=568573470&_u=YEBAAEAAAAAAACAAI~&z=253731116

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:20 GMT
x-content-type-options: nosniff
server: cafe
content-type: image/gif
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, no-store, must-revalidate
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 preloader.css
bitrix.infoflot.com/local/templates/infoflot/frontend/css/ Frame 8D27 337 B
394 B 50ms
45ms Stylesheet
text/css 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/preloader.css

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

b2c7be56ad296dd8cca02499a856199ea218ccd010792c88401746af5edc1541

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Sep 2022 03:57:34 GMT
server: nginx
etag: W/"63117f2e-151"
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 app.min.css
bitrix.infoflot.com/local/templates/infoflot/frontend/css/ Frame 8D27 234 KB
43 KB 99ms
94ms Stylesheet
text/css 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/app.min.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

98c34f518c2f423a8f18de9a992bf9ae6cf9b599e2bfd411d8fb29071b4b146d

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 10:33:49 GMT
server: nginx
etag: W/"635fa48d-3a8ee"
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 custom.css
bitrix.infoflot.com/local/templates/infoflot/frontend/css/ Frame 8D27 1013 B
687 B 143ms
138ms Stylesheet
text/css 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/custom.css

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

3b6f26d1138402a1361f29c31b0c549ac5313f0804560e94285a51b17ebf587e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 19 Sep 2022 15:32:05 GMT
server: nginx
etag: W/"63288b75-3f5"
content-type: text/css
cache-control: max-age=2592000
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 preloader.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/ Frame 8D27 656 B
858 B 144ms
140ms Image
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/preloader.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

4d9c1c1bf1a712985b8a878245f5db012cc3bde9c2b562727840706e5c577c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Sep 2022 15:32:05 GMT
server: nginx
etag: "63288b75-290"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 656
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 jquery.min.js Show response
bitrix.infoflot.com/local/templates/infoflot/frontend/js/ Frame 8D27 95 KB
39 KB 143ms
138ms Script
application/javascript 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/jquery.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

3b092a51a3d2aa129aaf9d2b9c3f802e38bea1c1ff3d327f9a2bcc96202d0598

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 02 Sep 2022 03:57:34 GMT
server: nginx
etag: W/"63117f2e-17aeb"
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 lib.min.js Show response
bitrix.infoflot.com/local/templates/infoflot/frontend/js/ Frame 8D27 377 KB
132 KB 143ms
139ms Script
application/javascript 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/lib.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

228567abbd6de1e300654f5fd8a2937c048b34498377e1b9f17211d530a7166e

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 10:33:49 GMT
server: nginx
etag: W/"635fa48d-5e5bd"
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 infoflot.js Show response
bitrix.infoflot.com/local/templates/infoflot/frontend/js/ Frame 8D27 75 KB
16 KB 143ms
139ms Script
application/javascript 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/infoflot.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

05240da99e7fe68fda1501e4a21dfad862fb74710674fa8cb77ed5a212acd607

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 28 Nov 2022 14:42:47 GMT
server: nginx
etag: W/"6384c8e7-12aa1"
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 app.min.js Show response
bitrix.infoflot.com/local/templates/infoflot/frontend/js/ Frame 8D27 17 KB
5 KB 143ms
139ms Script
application/javascript 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/app.min.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

0db24732e1d9fb974c1651a40165d9a5869bd8bb8e94d40ee74abce6a26de81c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 12:42:53 GMT
server: nginx
etag: W/"635fc2cd-43fd"
content-type: application/javascript
cache-control: max-age=2592000
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 sprite.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/ Frame 8D27 27 KB
27 KB 144ms
140ms Other
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/sprite.svg

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

8acd180b7942eaa71c0ea26de36c05472c97a78b9f0341572b367ae60f209087

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 10:33:49 GMT
server: nginx
etag: "635fa48d-6a3b"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27195
expires: Sun, 09 Apr 2023 07:19:20 GMT

GET
H2 200 counter
top-fwz1.mail.ru/ 43 B
959 B 56ms
56ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/counter?js=13;id=3236413;u=https%3A//bontour.ru/;r=http%3A//bontour.ru/;st=1678432760270;title=%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=f9e290e73c761848;ver=60.3.0;tz=0%2FEtc%2FUnknown;ni=9//4g/0/0/;lvid=1678432760498%3A1678432760508%3A1%3A26d1721ef1b872af7fefa91b2e97e277;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.8948953556496002

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

GET
H2

200

1 Show response
mc.yandex.com/watch/26037942/
Redirect Chain

https://mc.yandex.com/watch/26037942?wmode=7&page-url=https%3A%2F%2Fbontour.ru%2F&page-ref=http%3A%2F%2Fbontour.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A679%3Afu%...
https://mc.yandex.com/watch/26037942/1?wmode=7&page-url=https%3A%2F%2Fbontour.ru%2F&page-ref=http%3A%2F%2Fbontour.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A679%3Af...

478 B
808 B

59ms
58ms

XHR
application/json

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/26037942/1?wmode=7&page-url=https%3A%2F%2Fbontour.ru%2F&page-ref=http%3A%2F%2Fbontour.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A53171386992%3Ahid%3A906532019%3Az%3A0%3Ai%3A20230310071920%3Aet%3A1678432760%3Ac%3A1%3Arn%3A856781070%3Arqn%3A1%3Au%3A1678432760858097477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C126%2C253%2C1%2C73%2C0%2C%2C291%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678432759525%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678432761%3At%3A%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

6a1ee081dc8e015b9828c6455908096c381b392ce84db39c0f74ba5d9fb041cc

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000
x-content-type-options: nosniff
last-modified: Fri, 10-Mar-2023 07:19:20 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bontour.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 478
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 07:19:20 GMT

Redirect headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 07:19:20 GMT
accept-ch: Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location: /watch/26037942/1?wmode=7&page-url=https%3A%2F%2Fbontour.ru%2F&page-ref=http%3A%2F%2Fbontour.ru%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Afp%3A679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A970%3Acn%3A1%3Adp%3A0%3Als%3A53171386992%3Ahid%3A906532019%3Az%3A0%3Ai%3A20230310071920%3Aet%3A1678432760%3Ac%3A1%3Arn%3A856781070%3Arqn%3A1%3Au%3A1678432760858097477%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Awv%3A2%3Ads%3A0%2C126%2C253%2C1%2C73%2C0%2C%2C291%2C%2C%2C%2C%2C%3Aco%3A0%3Acpf%3A1%3Ans%3A1678432759525%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1678432761%3At%3A%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin: https://bontour.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 07:19:20 GMT

GET
H2 200 css2
fonts.googleapis.com/ Frame 8D27 11 KB
971 B 18ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

8cffbe5dd03d9554f149b4befcb8747bd355609216385c71fe9ccd74ef49d20b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 07:19:20 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:20 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 8D27 44 KB
44 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTS-muw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitrix.infoflot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:05:33 GMT
x-content-type-options: nosniff
age: 94427
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 44856
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:20:18 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 05:05:33 GMT

GET
H3 200 jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame 8D27 29 KB
29 KB 13ms
11ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0OqtLQ0Z.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitrix.infoflot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 12:46:05 GMT
x-content-type-options: nosniff
age: 153195
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 29928
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 12:46:05 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 8D27 26 KB
26 KB 15ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSumu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitrix.infoflot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:53:07 GMT
x-content-type-options: nosniff
age: 109573
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 26240
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:14:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:53:07 GMT

GET
H3 200 jizfRExUiTo99u79B_mh0O6tLQ.woff2
fonts.gstatic.com/s/ptsans/v17/ Frame 8D27 46 KB
46 KB 18ms
17ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/ptsans/v17/jizfRExUiTo99u79B_mh0O6tLQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitrix.infoflot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:10 GMT
x-content-type-options: nosniff
age: 366610
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 47048
x-xss-protection: 0
last-modified: Wed, 27 Apr 2022 16:55:54 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:10 GMT

GET
H2

200

sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check_secondary
https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9938.aHOkbU96dJQ5yrchJSKbjig8Xpn-g2jbCL8rWJp9SD1uI3wzyL5bDBUACxRSzVg2.qZ2Ur2SNfdkK35USRPE50x10pVA%2C
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9938.KkRyuES2IWgGCGiei7T1RCHjkDzNz3ROXzJvDosPgHBvwvz89BpV08KvdPGnBAJvEEfRRyLXIuflCJZqMWbYKQYd8c3jO5fw2dAfuWKsZ4o%2C.tSj55LzYnLnRt42R4k...

43 B
79 B

50ms
50ms

Image
image/gif

2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9938.KkRyuES2IWgGCGiei7T1RCHjkDzNz3ROXzJvDosPgHBvwvz89BpV08KvdPGnBAJvEEfRRyLXIuflCJZqMWbYKQYd8c3jO5fw2dAfuWKsZ4o%2C.tSj55LzYnLnRt42R4kA4wmledbQ%2C

Requested by

Host: bontour.ru
URL: https://bontour.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000
content-length: 43
x-xss-protection: 1; mode=block
content-type: image/gif

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9938.KkRyuES2IWgGCGiei7T1RCHjkDzNz3ROXzJvDosPgHBvwvz89BpV08KvdPGnBAJvEEfRRyLXIuflCJZqMWbYKQYd8c3jO5fw2dAfuWKsZ4o%2C.tSj55LzYnLnRt42R4kA4wmledbQ%2C
date: Fri, 10 Mar 2023 07:19:20 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

POST
H2 200 / Show response
bitrix.infoflot.com/rest/api/search.filter/ Frame 8D27 66 KB
10 KB 1979ms
1979ms XHR
text/html 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/rest/api/search.filter/

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

399cd0a456e30f69bac083b3655ec1e9d0bc94af7ce486bbf6e31c167b4f18a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/html, */*; q=0.01
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:22 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: HTTPS
access-control-allow-methods: POST, GET, OPTIONS
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms: Bitrix Site Manager (80c3edb7948e58670f711726251d67e3)
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
accept: text/html
expires: Thu, 19 Nov 1981 08:52:00 GMT

OPTIONS
H2 200 GetSettingsV2
module.sletat.ru/Main.svc/ Frame 0
0 250ms
58ms Preflight 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetSettingsV2?isShowcase=false&settingsId=&target=module-6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept, google-token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
date: Fri, 10 Mar 2023 07:19:21 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 GetOffices
module.sletat.ru/Main.svc/ Frame 0
0 250ms
58ms Preflight 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetOffices?target=module-6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept, google-token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
date: Fri, 10 Mar 2023 07:19:21 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

OPTIONS
H2 204 /
modulesettings.sletat.ru/api/configurations/1e0223c5-40bf-4772-be16-bea58a9cb534/ Frame 0
0 253ms
57ms Preflight 31.131.248.50
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://modulesettings.sletat.ru/api/configurations/1e0223c5-40bf-4772-be16-bea58a9cb534/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.50 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Content-Type
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
access-control-allow-origin: https://bontour.ru
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
date: Fri, 10 Mar 2023 07:19:21 GMT
expect-ct: max-age=86400, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
referrer-policy: strict-origin-when-cross-origin
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
vary: Origin
x-content-type-options: nosniff
x-frame-options: SAMEORIGIN
x-xss-protection: 1; mode=block

GET
H2 200 GetSettingsV2 Show response
module.sletat.ru/Main.svc/ 271 B
803 B 62ms
62ms Fetch
application/json 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetSettingsV2?isShowcase=false&settingsId=&target=module-6.0

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

639f06a9a4840ca7d1f06bd26a8e9a81cb238670b3a975530bcc16cd36176fd9

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 271

GET
H2 200 GetOffices Show response
module.sletat.ru/Main.svc/ 102 B
634 B 61ms
61ms Fetch
application/json 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetOffices?target=module-6.0

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

5b0f1566dc493cd6f6c37b125eb38c79a5046f5bb8a35aafcf5f64fd259ef1e0

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private
content-length: 102

GET
H2 200 / Show response
modulesettings.sletat.ru/api/configurations/1e0223c5-40bf-4772-be16-bea58a9cb534/ 2 KB
2 KB 70ms
70ms Fetch
application/json 31.131.248.50
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://modulesettings.sletat.ru/api/configurations/1e0223c5-40bf-4772-be16-bea58a9cb534/

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.50 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

9b529339a665e82d192237dfd66d866a28708c532cde526a53a25ab96440c745

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
x-content-type-options: nosniff
strict-transport-security: max-age=63072000; includeSubDomains; preload
content-encoding: gzip
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
server: nginx
expect-ct: max-age=86400, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
vary: Origin
access-control-allow-methods: POST, GET, OPTIONS, PUT, DELETE, PATCH
content-type: application/json; charset=utf-8
access-control-allow-origin: https://bontour.ru
x-frame-options: SAMEORIGIN
access-control-allow-credentials: true
access-control-allow-headers: Content-Type

POST
H2 200 IsActive Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 76 B
642 B 46ms
45ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/IsActive

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

d0219c1c8ebd7895f6beb61419bdb45ddce4ed1626802cf03360a874986df947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 76
expires: Sat, 11 Mar 2023 07:19:21 GMT

OPTIONS
H2 200 IsActive
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 129ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/IsActive

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:21 GMT
expires: Sat, 11 Mar 2023 07:19:21 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 bundle_ru_RU.js Show response
code.jivo.ru/js/ 1 MB
266 KB 163ms
9ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivo.ru/js/bundle_ru_RU.js?rand=1678188962
Requested by: Host: code.jivosite.com
URL: https://code.jivosite.com/script/widget/915FnOV2Bu
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 99f4f0b8ff330a1ead240300e94cc007d61f2980084836722612da339c0a932b

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2023-03-09T12:52:49+00:00
x-geo-shard: sber1
content-length: 271515
last-modified: Mon, 06 Mar 2023 12:35:53 GMT
server: nginx
etag: "6405de29-4249b"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes

GET
H2 200 tracker
top-fwz1.mail.ru/ 43 B
876 B 53ms
52ms Image
image/gif 95.163.52.67
VK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://top-fwz1.mail.ru/tracker?js=13;id=3236413;u=https%3A//bontour.ru/;r=http%3A//bontour.ru/;st=1678432760270;title=%D0%AD%D0%BA%D1%81%D0%BA%D1%83%D1%80%D1%81%D0%B8%D0%BE%D0%BD%D0%BD%D1%8B%D0%B5%20%D1%82%D1%83%D1%80%D1%8B%20%E2%80%93%20%D0%B8%D0%BD%D1%82%D0%B5%D1%80%D0%B5%D1%81%D0%BD%D1%8B%D0%B5%20%D0%BC%D0%B0%D1%80%D1%88%D1%80%D1%83%D1%82%D1%8B%2C%20%D0%BF%D1%80%D0%B8%D1%8F%D1%82%D0%BD%D1%8B%D0%B5%20%D1%86%D0%B5%D0%BD%D1%8B%20%7C%20%C2%AB%D0%91%D0%BE%D0%BD%20%D1%82%D1%83%D1%80%C2%BB;s=1600*1200;vp=1600*1200;touch=0;hds=1;frame=0;flash=;sid=f9e290e73c761848;ver=60.3.0;tz=0%2FEtc%2FUnknown;nt=1/0/1678432759525/////73/74/74/74/199/134/199/452/453/455/745/1271/1275/1604/1604/;ni=9//4g/0/0/;lvid=1678432760498%3A1678432761135%3A2%3A26d1721ef1b872af7fefa91b2e97e277;opts=dl%2Cjst-gtag-ga-ym-vk;visible=true;_=0.13004142537929586;e=RT/load;et=1678432761133

Protocol

Security

TLS 1.2, ECDHE_ECDSA, AES_128_GCM

Server

95.163.52.67 , Russian Federation, ASN47764 (VK-AS, RU),

Reverse DNS

top-fwz1.mail.ru

Software

nginx /

Resource Hash

24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
x-content-type-options: nosniff
p3p: CP="NOI DSP COR NID CUR PSA OUR NOR"
content-length: 43
pragma: no-cache
amp-access-control-allow-source-origin: *
server: nginx
accept-ch: DPR, Width, Viewport-Width, Downlink, Device-Memory, Sec-CH-UA-Arch, Sec-CH-UA-Bitness, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA, Sec-CH-UA-Full-Version
access-control-allow-methods: GET, POST, HEAD, PUT, OPTIONS
content-type: image/gif
access-control-allow-origin: *
accept-ch-lifetime: 86400
access-control-expose-headers: AMP-Access-Control-Allow-Source-Origin
cache-control: private, no-cache, no-store, max-age=0
access-control-allow-credentials: true
timing-allow-origin: *
access-control-allow-headers: *

OPTIONS
H2 200 GetDepartCities
module.sletat.ru/Main.svc/ Frame 0
0 57ms
57ms Preflight 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetDepartCities?target=module-6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept, google-token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
date: Fri, 10 Mar 2023 07:19:21 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

GET
H2 200 GetDepartCities Show response
module.sletat.ru/Main.svc/ 27 KB
3 KB 65ms
64ms Fetch
application/json 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetDepartCities?target=module-6.0

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

1e3025766b2cdc8f8aa76f2a9ad7b1f5c7eb1126c011760169643697725e8bae

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
content-encoding: gzip
core: 102
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private

GET
H2 200 module.css Show response
front.sletat.ru/modules/module6/latest/ 2 MB
232 KB 78ms
77ms XHR
text/css 31.131.248.50
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://front.sletat.ru/modules/module6/latest/module.css

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.50 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

c6e4daf7c7b3d92ce0220743aac266efabf62122c4da3f5c4fc004ce2dd9e554

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Accept: application/json, text/plain, */*
Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
content-encoding: br
x-xss-protection: 1; mode=block
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 02 Mar 2023 12:49:42 GMT
server: nginx
etag: W/"64009b66-26fd40"
expect-ct: max-age=86400, enforce, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
x-frame-options: SAMEORIGIN
vary: Origin, Host
content-type: text/css; charset=utf-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=259200
expires: Mon, 13 Mar 2023 07:19:21 GMT

GET
H2 200 74632f4be33e7f16530d.bundle.js Show response
c.sberlead.ru/ 235 KB
76 KB 49ms
49ms Script
application/javascript 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/74632f4be33e7f16530d.bundle.js

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/clickstream.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

7a9d6a4ea5a8bfa3b302c4057a024ead1fbeb8c30fa9069f7d112e1e6c75feb4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 Mar 2023 14:03:36 GMT
server: nginx/1.21.6
etag: W/"64074438-3ac40"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
expires: Sat, 11 Mar 2023 07:19:21 GMT

GET
H2 200 775a8c562505011c3618.bundle.js Show response
c.sberlead.ru/ 265 KB
58 KB 91ms
91ms Script
application/javascript 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/clickstream.bundle.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

5c5e67376747464a3e1bf26a12c4ca70c2dafbcc51d23bd1dbf8519aa8f060b1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
content-encoding: gzip
last-modified: Tue, 07 Mar 2023 14:03:36 GMT
server: nginx/1.21.6
etag: W/"64074438-42434"
content-type: application/javascript; charset=utf-8
cache-control: max-age=86400
expires: Sat, 11 Mar 2023 07:19:21 GMT

GET
H2 200 GetCountries Show response
module.sletat.ru/Main.svc/ 17 KB
3 KB 64ms
62ms Fetch
application/json 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetCountries?townFromId=1264&useAccount=0&target=module-6.0

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

578d3a04b2110477868628a26e0fa968a626ab56f1a874d1f7bbfa0c46229d6a

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
content-encoding: gzip
core: 102
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private

OPTIONS
H2 200 GetCountries
module.sletat.ru/Main.svc/ Frame 0
0 62ms
60ms Preflight 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetCountries?townFromId=1264&useAccount=0&target=module-6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept, google-token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
date: Fri, 10 Mar 2023 07:19:21 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

GET
H2 200 widget.css
code.jivo.ru/css/869b0ec/ 225 KB
52 KB 8ms
7ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivo.ru/css/869b0ec/widget.css
Requested by: Host: bontour.ru
URL: http://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: dbc2f0527f7631ee5f51d85b32973313c4c04c0eb2367f969fb5e14654cfa012

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2023-03-07T11:36:16+00:00
x-geo-shard: sber1
content-length: 53525
last-modified: Mon, 06 Mar 2023 12:35:34 GMT
server: nginx
etag: "6405de16-d115"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cache: HIT
accept-ranges: bytes
expires: Fri, 17 Mar 2023 11:36:16 GMT

GET
H2 200 omnichannelMenu.widget.css
code.jivo.ru/css/869b0ec/ 3 KB
1 KB 8ms
7ms Stylesheet
text/css 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivo.ru/css/869b0ec/omnichannelMenu.widget.css
Requested by: Host: bontour.ru
URL: http://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 409437c587e4bb3dcdcbafabc8d925f5e32d0c0b7d760e0ab31d01e154876a0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
via: 1.1 sharxy
x-cached-since: 2023-03-07T11:36:17+00:00
x-geo-shard: sber1
content-length: 959
last-modified: Mon, 06 Mar 2023 12:35:34 GMT
server: nginx
etag: "6405de16-3bf"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=864000
cache: HIT
accept-ranges: bytes
expires: Fri, 17 Mar 2023 11:36:17 GMT

GET
H2 200 omnichannelMenu.js Show response
code.jivo.ru/js/869b0ec/ Frame A71E 11 KB
3 KB 8ms
8ms Script
application/javascript 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivo.ru/js/869b0ec/omnichannelMenu.js
Requested by: Host: bontour.ru
URL: http://bontour.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 27a7b7885628ffbab9bdba970273bf42e02a176568602353503dfa959dfab09e

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: br
via: 1.1 sharxy
x-cached-since: 2023-03-09T12:52:57+00:00
x-geo-shard: sber1
content-length: 2895
last-modified: Mon, 06 Mar 2023 12:35:34 GMT
server: nginx
etag: "6405de16-b4f"
vary: Accept-Encoding
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=86400
cache: HIT
accept-ranges: bytes

GET
DATA 200
OK truncated
/ 306 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: cbdd5c1ba6244f974f464921d258ef4ccdf3e995c832de0fc2978eba80e696e4

Request headers

accept-language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 206 agent_message.mp3
code.jivo.ru/sounds/ 4 KB
4 KB 10ms
10ms Media
audio/mpeg 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivo.ru/sounds/agent_message.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43

Request headers

Referer: https://bontour.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:21 GMT
via: 1.1 sharxy
x-cached-since: 2023-03-06T19:24:53+00:00
Content-Range: bytes 0-3759/3760
x-geo-shard: sber1
Content-Length: 3760
last-modified: Wed, 01 Mar 2023 10:53:57 GMT
server: nginx
etag: "63ff2ec5-eb0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 05 Apr 2023 19:24:53 GMT

GET
H2 206 notification.mp3
code.jivo.ru/sounds/ 6 KB
6 KB 11ms
11ms Media
audio/mpeg 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivo.ru/sounds/notification.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab

Request headers

Referer: https://bontour.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:21 GMT
via: 1.1 sharxy
x-cached-since: 2023-03-06T19:24:39+00:00
Content-Range: bytes 0-5807/5808
x-geo-shard: sber1
Content-Length: 5808
last-modified: Wed, 01 Mar 2023 10:53:57 GMT
server: nginx
etag: "63ff2ec5-16b0"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Wed, 05 Apr 2023 19:24:39 GMT

GET
H2 206 outgoing_message.mp3
code.jivo.ru/sounds/ 5 KB
5 KB 17ms
16ms Media
audio/mpeg 2a13:1ec0:1000::1073
EDGEAMLLC

General

Check archive.org

Show headers Download Go to

Full URL: https://code.jivo.ru/sounds/outgoing_message.mp3
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 2a13:1ec0:1000::1073 , Armenia, ASN201589 (EDGEAMLLC, AM),
Reverse DNS
Software: nginx /
Resource Hash: d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11

Request headers

Referer: https://bontour.ru/
Accept-Encoding: identity;q=1, *;q=0
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Range: bytes=0-

Response headers

x-id: fr5-up-gc15
date: Fri, 10 Mar 2023 07:19:21 GMT
via: 1.1 sharxy
x-cached-since: 2023-03-09T18:04:47+00:00
Content-Range: bytes 0-5013/5014
x-geo-shard: sber1
Content-Length: 5014
last-modified: Mon, 06 Mar 2023 12:34:06 GMT
server: nginx
etag: "6405ddbe-1396"
vary: Accept-Encoding
access-control-allow-methods: GET, POST, OPTIONS
content-type: audio/mpeg
access-control-allow-origin: *
cache-control: max-age=2592000
cache: HIT
expires: Sat, 08 Apr 2023 18:04:47 GMT

GET
H2 200 GetCities Show response
module.sletat.ru/Main.svc/ 14 KB
2 KB 225ms
219ms Fetch
application/json 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetCities?countryId=119&target=module-6.0

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

31736e03a538daad8ef8a0cc00e637f4386b4f97ab42b36eeb0986f1a54f1ff7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
content-encoding: gzip
core: 102
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private

OPTIONS
H2 200 GetCities
module.sletat.ru/Main.svc/ Frame 0
0 60ms
56ms Preflight 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetCities?countryId=119&target=module-6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept, google-token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
date: Fri, 10 Mar 2023 07:19:21 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

OPTIONS
H2 200 LogEventMethod
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 41ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/LogEventMethod

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:21 GMT
expires: Sat, 11 Mar 2023 07:19:21 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 ProductVersion
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 42ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/ProductVersion

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:21 GMT
expires: Sat, 11 Mar 2023 07:19:21 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 LogEventMethod
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 42ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/LogEventMethod

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:21 GMT
expires: Sat, 11 Mar 2023 07:19:21 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 LogEventMethod Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 76 B
642 B 218ms
217ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/LogEventMethod

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

d0219c1c8ebd7895f6beb61419bdb45ddce4ed1626802cf03360a874986df947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 76
expires: Sat, 11 Mar 2023 07:19:21 GMT

POST
H2 200 ProductVersion Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 125 B
553 B 216ms
215ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/ProductVersion

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

b278502523c61586174352be807ab9e667b2237d2d78e74e063fdb654a3d711c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 125
expires: Sat, 11 Mar 2023 07:19:21 GMT

POST
H2 200 LogEventMethod Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 76 B
642 B 217ms
216ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/LogEventMethod

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

d0219c1c8ebd7895f6beb61419bdb45ddce4ed1626802cf03360a874986df947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 76
expires: Sat, 11 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 20 KB
878 B 20ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Inter:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:04:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 28 KB
1 KB 24ms
20ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Open+Sans:ital,wght@0,300;0,400;0,600;0,700;0,800;1,300;1,400;1,600;1,700;1,800&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

64e4de71a710bbb6b7bc79ec8e2bf2d9b3132e8330d29b6d50479eb95238e8d1

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 05:59:50 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
624 B 22ms
19ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Sans:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7f1d0ad08e99fd94041679d0a55a90426162b0305ab5daaf9fcb1d58867381ad

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:10:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
631 B 20ms
17ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=PT+Serif:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

3609d71ebafb0c2c12076d77311383fa03ca59aab2d56e40fb76db9b69c804de

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 05:33:27 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 26 KB
1 KB 31ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:06:07 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 20 KB
871 B 28ms
25ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Slab:wght@100;200;300;400;500;600;700;800;900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

0f6d567745426a11367c78761428e6fcb13b2ceb57ed6a0a5284ce03d16929e4

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:31:09 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 14 KB
911 B 27ms
24ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto+Condensed:ital,wght@0,300;0,400;0,700;1,300;1,400;1,700&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

f97b2215ad238391faa94d93b6a79bb11e8038f9d42d99150ff013515a6f4750

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:05:29 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 10 KB
662 B 31ms
27ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Oswald:wght@200;300;400;500;600;700&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:31:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 7 KB
592 B 32ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Lato:ital,wght@0,100;0,300;0,400;0,700;0,900;1,100;1,300;1,400;1,700;1,900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:03:37 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 14 KB
872 B 31ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Ubuntu:ital,wght@0,300;0,400;0,500;0,700;1,300;1,400;1,500;1,700&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

54ade860668186a60816a95a13faa8ce43a79438c8f1c5a15e967853e02465c0

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:39:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 30 KB
1 KB 32ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Montserrat:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

53f4cc30a0cdd34d16dfda9a1e410b541dd08c7711fc2a763045b812ba65150c

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:07:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 29 KB
1009 B 32ms
28ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Exo+2:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

40bade4abd4e5b657379b7f3814d6ca5878b50c3567a5bbef6f77ace390a98b2

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 07:08:17 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 17 KB
769 B 33ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Playfair+Display:ital,wght@0,400;0,500;0,600;0,700;0,800;0,900;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

dfb6aa04fe174f86ed5fb8b8614b34eb5baa2c018efce8d0e0315c682059a65e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:25:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
522 B 34ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Pacifico&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

00b6294afc61ef4bc202f191b68fffc31d344395ac3ce8d6c4fc8d0e4a25a399

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:01:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 30 KB
1 KB 34ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Raleway:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e0a67fc730cec145fa5d3ff57421eea36f7c31d1b2acc56bc0346728079bfaa

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 06:31:28 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 39 KB
1 KB 35ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Fira+Sans:ital,wght@0,100;0,200;0,300;0,400;0,500;0,600;0,700;0,800;0,900;1,100;1,200;1,300;1,400;1,500;1,600;1,700;1,800;1,900&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

23b9bc567b1829ba90788369a6daed03a97f0e7152fd00eb59269525bcd2ceb8

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 07:13:10 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 5 KB
639 B 36ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Philosopher:ital,wght@0,400;0,700;1,400;1,700&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c19a56f6b0c70159ed8564d7dd8dcb9d2c39dee226f74de17d28fedc6ed6ab74

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 07:19:21 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 673 B
350 B 35ms
29ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Neucha&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

9c51f910a581adfa2d21eeb97fd6985e322745af99e4501ee94dd035ef20e364

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 07:10:45 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

GET
H3 200 css2
fonts.googleapis.com/ 2 KB
526 B 36ms
30ms Stylesheet
text/css 2a00:1450:4001:80b::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Yeseva+One&display=swap

Requested by

Host: c.sberlead.ru
URL: https://c.sberlead.ru/775a8c562505011c3618.bundle.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

cb558ade4aadf1d29db46a06447e11738ed2212d1378791f01cd0f9c70de7b7f

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
date: Fri, 10 Mar 2023 07:19:21 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
x-xss-protection: 0
last-modified: Fri, 10 Mar 2023 07:01:25 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Fri, 10 Mar 2023 07:19:21 GMT

POST
H2 200 key Show response
c.sberlead.ru/clickstream-analytics-bh/device/ 122 B
550 B 212ms
212ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/device/key

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

f71fb1202b8d57ad5d8bc7cbf6133c86fa94b74a6c52c4fb01008214db9f049d

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:21 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 122
expires: Sat, 11 Mar 2023 07:19:21 GMT

OPTIONS
H2 200 key
c.sberlead.ru/clickstream-analytics-bh/device/ Frame 0
0 47ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/device/key

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:21 GMT
expires: Sat, 11 Mar 2023 07:19:21 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

GET
H3 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
16 KB 151ms
150ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 03 Mar 2023 09:37:51 GMT
x-content-type-options: nosniff
age: 596491
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15860
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 02 Mar 2024 09:37:51 GMT

GET
H3 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 153ms
152ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:04:49 GMT
x-content-type-options: nosniff
age: 83673
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9644
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:50 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 08:04:49 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 152ms
151ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Mon, 06 Mar 2023 01:29:06 GMT
x-content-type-options: nosniff
age: 366616
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15744
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:48 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 05 Mar 2024 01:29:06 GMT

GET
H3 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 152ms
151ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:47:40 GMT
x-content-type-options: nosniff
age: 81102
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9628
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 08:47:40 GMT

GET
H3 200 KFOkCnqEu92Fr1Mu51xIIzI.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 153ms
153ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOkCnqEu92Fr1Mu51xIIzI.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 05:20:36 GMT
x-content-type-options: nosniff
age: 93526
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17368
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:42 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 05:20:36 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fBBc4.woff2
fonts.gstatic.com/s/roboto/v30/ 15 KB
15 KB 151ms
150ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 06:19:10 GMT
x-content-type-options: nosniff
age: 3612
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 15740
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:56 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Sat, 09 Mar 2024 06:19:10 GMT

GET
H3 200 KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2
fonts.gstatic.com/s/roboto/v30/ 9 KB
9 KB 150ms
150ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOlCnqEu92Fr1MmSU5fABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Wed, 08 Mar 2023 17:12:37 GMT
x-content-type-options: nosniff
age: 137205
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 9576
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Thu, 07 Mar 2024 17:12:37 GMT

GET
H3 200 KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2
fonts.gstatic.com/s/roboto/v30/ 17 KB
17 KB 147ms
147ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v30/KFOjCnqEu92Fr1Mu51TjASc6CsQ.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Roboto:ital,wght@0,100;0,300;0,400;0,500;0,700;0,900;1,100;1,300;1,400;1,500;1,700;1,900&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Tue, 07 Mar 2023 10:48:58 GMT
x-content-type-options: nosniff
age: 246624
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 17508
x-xss-protection: 0
last-modified: Wed, 11 May 2022 19:24:41 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Wed, 06 Mar 2024 10:48:58 GMT

POST
H2 200 LogEventMethod Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 76 B
642 B 46ms
45ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/LogEventMethod

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

d0219c1c8ebd7895f6beb61419bdb45ddce4ed1626802cf03360a874986df947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 76
expires: Sat, 11 Mar 2023 07:19:22 GMT

POST
H2 200 DeviceGUID Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 144 B
711 B 46ms
46ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/DeviceGUID

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

87252016d274974289bc8ac2f0fed5c9c5fd5ac3739345376cae8279a4d74e1b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 144
expires: Sat, 11 Mar 2023 07:19:22 GMT

GET
H2 200 GetHotels Show response
module.sletat.ru/Main.svc/ 2 MB
175 KB 123ms
123ms Fetch
application/json 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetHotels?countryId=119&towns=&stars=&all=-1&target=module-6.0

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

5cfdd64e3a2a656bd861c6a07f4dbb27e402ce7e2a88367081faec94119680d7

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
content-encoding: gzip
core: 102
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private

OPTIONS
H2 200 LogEventMethod
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 44ms
39ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/LogEventMethod

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:22 GMT
expires: Sat, 11 Mar 2023 07:19:22 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 DeviceGUID
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 44ms
40ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/DeviceGUID

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:22 GMT
expires: Sat, 11 Mar 2023 07:19:22 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 GetHotels
module.sletat.ru/Main.svc/ Frame 0
0 61ms
58ms Preflight 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetHotels?countryId=119&towns=&stars=&all=-1&target=module-6.0

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept, google-token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
date: Fri, 10 Mar 2023 07:19:22 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

POST
H2 200 Settings Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 5 KB
5 KB 45ms
45ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/Settings

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

64333aee026d0b25a94df1b97d5c17a35cd41ccec70e11b18380d405664211db

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 4766
expires: Sat, 11 Mar 2023 07:19:22 GMT

OPTIONS
H2 200 Settings
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 41ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/Settings

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:22 GMT
expires: Sat, 11 Mar 2023 07:19:22 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 GetTourDates Show response
module.sletat.ru/Main.svc/ 4 KB
1 KB 65ms
62ms Fetch
application/json 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetTourDates?countryId=119&dptCityId=1264

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

a5bd14f143101f651bd9a1c65b62de79583d63e9eadfa11ecf6ac7fe8a1a494e

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
content-encoding: gzip
core: 102
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN
content-type: application/json; charset=utf-8
access-control-allow-origin: *
cache-control: private

OPTIONS
H2 200 GetTourDates
module.sletat.ru/Main.svc/ Frame 0
0 59ms
59ms Preflight 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://module.sletat.ru/Main.svc/GetTourDates?countryId=119&dptCityId=1264

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Frame-Options	SAMEORIGIN

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: GET
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-headers: Content-Type, Accept, google-token
access-control-allow-methods: GET, POST, DELETE, PUT, OPTIONS
access-control-allow-origin: *
access-control-max-age: 1728000
cache-control: no-cache
content-length: 0
content-security-policy: default-src 'none'; base-uri 'self'; object-src 'none'; block-all-mixed-content; connect-src 'self' api-cms.sletat.ru sentry.io ; font-src 'self'; form-action 'self'; frame-ancestors 'none'; frame-src 'none'; img-src 'self'; manifest-src 'self'; media-src 'none'; script-src 'self'; style-src 'self' 'unsafe-inline'; report-uri https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52
core: 102
date: Fri, 10 Mar 2023 07:19:22 GMT
server: nginx
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-frame-options: SAMEORIGIN

POST
H2 200 Scenarios Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 76 B
642 B 46ms
45ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/Scenarios

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

d0219c1c8ebd7895f6beb61419bdb45ddce4ed1626802cf03360a874986df947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 76
expires: Sat, 11 Mar 2023 07:19:22 GMT

OPTIONS
H2 200 Scenarios
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 41ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/Scenarios

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:22 GMT
expires: Sat, 11 Mar 2023 07:19:22 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 FeedList Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 31 KB
32 KB 50ms
50ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/FeedList

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

3ab905b1ac3a5d6fc2bd65dda9bfae5b8c4c9b230fa946f0239126c6817ba60b

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 32087
expires: Sat, 11 Mar 2023 07:19:22 GMT

POST
H2 200 sitemap Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 139 B
706 B 50ms
49ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/sitemap

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

58ebc348c8afcccdc7d7e2e3ec1d14a0a7f8d20190c3d33fef7c2c62a013e820

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 139
expires: Sat, 11 Mar 2023 07:19:22 GMT

GET
H2 200 OpenSansRegular.woff
static.sletat.ru/fonts/open-sans/ 27 KB
27 KB 66ms
57ms Font
application/font-woff 31.131.248.51
SELECTEL

General

Check archive.org

Show headers Download Go to

Full URL

https://static.sletat.ru/fonts/open-sans/OpenSansRegular.woff

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

31.131.248.51 St Petersburg, Russian Federation, ASN49505 (SELECTEL, RU),

Reverse DNS

Software

nginx /

Resource Hash

caeec0b59ba7ea579ce20d9b84e6d9b4a55ff0d4bd27126b0929b3d2de644cd4

Security Headers

Name	Value
Strict-Transport-Security	max-age=63072000; includeSubDomains; preload
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bontour.ru/
Origin: https://bontour.ru
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
strict-transport-security: max-age=63072000; includeSubDomains; preload
x-content-type-options: nosniff
referrer-policy: strict-origin-when-cross-origin
last-modified: Thu, 14 Mar 2019 13:19:39 GMT
server: nginx
etag: "5c8a54eb-6ac8"
expect-ct: max-age=86400, report-uri="https://sentry.io/api/277394/security/?sentry_key=0a2b2bfb6013486ebb44c51258ebac52"
vary: Origin
x-frame-options: SAMEORIGIN
content-type: application/font-woff
access-control-allow-origin: https://bontour.ru
accept-ranges: bytes
content-length: 27336
x-xss-protection: 1; mode=block

OPTIONS
H2 200 FeedList
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 42ms
42ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/FeedList

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:22 GMT
expires: Sat, 11 Mar 2023 07:19:22 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

OPTIONS
H2 200 sitemap
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 41ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/sitemap

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:22 GMT
expires: Sat, 11 Mar 2023 07:19:22 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sprite.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/ Frame 8D27 27 KB
27 KB 45ms
44ms Other
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/sprite.svg

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

8acd180b7942eaa71c0ea26de36c05472c97a78b9f0341572b367ae60f209087

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 10:33:49 GMT
server: nginx
etag: "635fa48d-6a3b"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27195
expires: Sun, 09 Apr 2023 07:19:22 GMT

GET
H2 200 input-checkbox.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/icons/ Frame 8D27 209 B
410 B 78ms
78ms Image
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/icons/input-checkbox.svg

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

87f3eaa531e765d3b1c53923d06bf568f150edead76c6bc4105e308c041144c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
x-content-type-options: nosniff
last-modified: Fri, 02 Sep 2022 03:57:34 GMT
server: nginx
etag: "63117f2e-d1"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 209
expires: Sun, 09 Apr 2023 07:19:22 GMT

GET
H3 200 memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2
fonts.gstatic.com/s/opensans/v34/ Frame 8D27 31 KB
31 KB 8ms
8ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/opensans/v34/memvYaGs126MiZpBA-UvWbX2vVnXBbObj2OVTSGmu1aB.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitrix.infoflot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 00:50:58 GMT
x-content-type-options: nosniff
age: 109704
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 31320
x-xss-protection: 0
last-modified: Mon, 15 Aug 2022 18:11:37 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 00:50:58 GMT

GET
H2 200 select-trigger.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/icons/ Frame 8D27 1 KB
1 KB 44ms
44ms Image
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/icons/select-trigger.svg

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

ccf5aabec5f8aeeb9ac6c5ad3c6ac4804c13ee1cf4a12ed004149efc5d21ebc2

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Sep 2022 15:32:05 GMT
server: nginx
etag: "63288b75-417"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 1047
expires: Sun, 09 Apr 2023 07:19:22 GMT

GET
H2 200 preloader.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/ Frame 8D27 656 B
858 B 45ms
44ms Image
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/preloader.svg

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

4d9c1c1bf1a712985b8a878245f5db012cc3bde9c2b562727840706e5c577c6c

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:22 GMT
x-content-type-options: nosniff
last-modified: Mon, 19 Sep 2022 15:32:05 GMT
server: nginx
etag: "63288b75-290"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 656
expires: Sun, 09 Apr 2023 07:19:22 GMT

POST
H2 200 / Show response
bitrix.infoflot.com/rest/api/search.filter/ Frame 8D27 99 KB
9 KB 1184ms
1183ms XHR
text/html 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/rest/api/search.filter/

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

ffdf3f9b760ccde690795bdfd9746bc606462af2e98c5e14029236a5478fb0a8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/html, */*; q=0.01
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: HTTPS
access-control-allow-methods: POST, GET, OPTIONS
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms: Bitrix Site Manager (80c3edb7948e58670f711726251d67e3)
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
accept: text/html
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 / Show response
bitrix.infoflot.com/rest/api/search.filter/ Frame 8D27 54 KB
4 KB 803ms
803ms XHR
text/html 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/rest/api/search.filter/

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

4fff268b1b48a6d8a3d07389fcd494cc6005ca5d81b24c3f9608d1158dce15b8

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Accept: text/html, */*; q=0.01
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
X-Requested-With: XMLHttpRequest
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/x-www-form-urlencoded; charset=UTF-8

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:23 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: nginx
vary: HTTPS
access-control-allow-methods: POST, GET, OPTIONS
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-powered-cms: Bitrix Site Manager (80c3edb7948e58670f711726251d67e3)
access-control-allow-origin: *
content-type: text/html; charset=UTF-8
cache-control: no-store, no-cache, must-revalidate
access-control-allow-credentials: true
accept: text/html
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 404 sitemap.xml Show response
bontour.ru/ 44 KB
13 KB 253ms
253ms Fetch
text/html 81.200.112.216
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bontour.ru/sitemap.xml
Requested by: Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 81.200.112.216 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: nginx-reuseport/1.21.1 / PHP/5.3.29
Resource Hash: f2cbe3092c8fa5b401a520407dd7fdacfcfe3e5f067462db6a0fca3417ccd280

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bontour.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:22 GMT
content-encoding: gzip
server: nginx-reuseport/1.21.1
x-powered-by: PHP/5.3.29
vary: Accept-Encoding
content-type: text/html
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
expires: Thu, 19 Nov 1981 08:52:00 GMT

POST
H2 200 LogEventMethod Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 76 B
642 B 44ms
44ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/LogEventMethod

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

d0219c1c8ebd7895f6beb61419bdb45ddce4ed1626802cf03360a874986df947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 76
expires: Sat, 11 Mar 2023 07:19:23 GMT

OPTIONS
H2 200 LogEventMethod
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 41ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/LogEventMethod

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:23 GMT
expires: Sat, 11 Mar 2023 07:19:23 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

POST
H2 200 26037942 Show response
mc.yandex.com/webvisor/ 43 B
145 B 191ms
50ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/26037942?wmode=0&wv-part=1&wv-hit=906532019&page-url=https%3A%2F%2Fbontour.ru%2F&rn=715232640&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678432763%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230310071923%3Au%3A1678432760858097477%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678432763&t=gdpr(14)ti(2)

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:23 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 07:19:23 GMT
content-type: image/gif
access-control-allow-origin: https://bontour.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 07:19:23 GMT

POST
H2 200 AnalyticsEvent Show response
c.sberlead.ru/clickstream-analytics-bh/services/ 76 B
642 B 46ms
46ms Fetch
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/AnalyticsEvent

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

d0219c1c8ebd7895f6beb61419bdb45ddce4ed1626802cf03360a874986df947

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: application/json; charset=utf-8

Response headers

date: Fri, 10 Mar 2023 07:19:23 GMT
strict-transport-security: max-age=31536000; includeSubDomains
server: nginx/1.21.6
access-control-max-age: 3600
access-control-allow-methods: POST, GET, OPTIONS
content-type: application/json;charset=UTF-8
access-control-allow-origin: https://bontour.ru
cache-control: max-age=86400
access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
content-length: 76
expires: Sat, 11 Mar 2023 07:19:23 GMT

OPTIONS
H2 200 AnalyticsEvent
c.sberlead.ru/clickstream-analytics-bh/services/ Frame 0
0 41ms
41ms Preflight
application/json 37.18.73.104
SBERCLOUD-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://c.sberlead.ru/clickstream-analytics-bh/services/AnalyticsEvent

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

37.18.73.104 , Russian Federation, ASN208677 (SBERCLOUD-AS, RU),

Reverse DNS

sberlead.ru

Software

nginx/1.21.6 /

Resource Hash

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000; includeSubDomains

Request headers

Accept: */*
Access-Control-Request-Headers: content-type
Access-Control-Request-Method: POST
Origin: https://bontour.ru
Sec-Fetch-Mode: cors
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

access-control-allow-credentials: true
access-control-allow-headers: Access-Control-Allow-Headers, Origin, Accept, X-Requested-With, Content-Type, Access-Control-Request-Method, Access-Control-Request-Headers
access-control-allow-methods: POST, GET, OPTIONS
access-control-allow-origin: https://bontour.ru
access-control-max-age: 3600
cache-control: max-age=86400
content-length: 0
content-type: application/json;charset=UTF-8
date: Fri, 10 Mar 2023 07:19:23 GMT
expires: Sat, 11 Mar 2023 07:19:23 GMT
server: nginx/1.21.6
strict-transport-security: max-age=31536000; includeSubDomains

GET
H2 200 sprite.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/ Frame 8D27 27 KB
27 KB 92ms
91ms Other
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/sprite.svg

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

8acd180b7942eaa71c0ea26de36c05472c97a78b9f0341572b367ae60f209087

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:23 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 10:33:49 GMT
server: nginx
etag: "635fa48d-6a3b"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27195
expires: Sun, 09 Apr 2023 07:19:23 GMT

GET
H/1.1 200
OK 7dded9889c9f3d8209d34d74743e67caa0402995.jpg
booking.infoflot.com/Uploads/7/d/d/ Frame 8D27 160 KB
161 KB 339ms
62ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/7/d/d/7dded9889c9f3d8209d34d74743e67caa0402995.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: ab8135bb7f71348cfe6d0b7d3e0539b239baba8d461bdbd1baa980e977871933

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Mon, 02 Sep 2013 14:11:18 GMT
Server: nginx
ETag: "52249c86-280ef"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 164079
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK a0c6dd0a6a9abf2e423bc8841218ba874503ffe6.jpg
booking.infoflot.com/Uploads/a/0/c/ Frame 8D27 87 KB
87 KB 343ms
61ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/a/0/c/a0c6dd0a6a9abf2e423bc8841218ba874503ffe6.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6c5150612ec9b77b14f65440fc214bbd68256856a74943d0b089288a21ae06a0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Mon, 01 Aug 2022 13:35:21 GMT
Server: nginx
ETag: "62e7d699-15a68"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 88680
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 26037942 Show response
mc.yandex.com/webvisor/ 43 B
145 B 51ms
51ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/26037942?wmode=0&wv-part=1&wv-hit=906532019&page-url=https%3A%2F%2Fbontour.ru%2F&rn=204288358&wv-type=3&browser-info=we%3A1%3Aet%3A1678432764%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230310071923%3Au%3A1678432760858097477%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678432764&t=gdpr(14)ti(2)

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:24 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 07:19:24 GMT
content-type: image/gif
access-control-allow-origin: https://bontour.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 07:19:24 GMT

GET
H2 200 sprite.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/ Frame 8D27 27 KB
27 KB 45ms
44ms Other
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/sprite.svg

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/js/jquery.min.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

8acd180b7942eaa71c0ea26de36c05472c97a78b9f0341572b367ae60f209087

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9&referer=https%3A%2F%2Fbontour.ru%2F
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:24 GMT
x-content-type-options: nosniff
last-modified: Mon, 31 Oct 2022 10:33:49 GMT
server: nginx
etag: "635fa48d-6a3b"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 27195
expires: Sun, 09 Apr 2023 07:19:24 GMT

GET
H2 200 time-arrow.svg
bitrix.infoflot.com/local/templates/infoflot/frontend/images/icons/ Frame 8D27 516 B
717 B 79ms
78ms Image
image/svg+xml 188.225.80.60
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://bitrix.infoflot.com/local/templates/infoflot/frontend/images/icons/time-arrow.svg

Requested by

Host: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/app.min.css

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

188.225.80.60 St Petersburg, Russian Federation, ASN9123 (TIMEWEB-AS, RU),

Reverse DNS

worldtradetips.com

Software

nginx /

Resource Hash

a8ad1edfa3bca8656f3371479bb84a659d8a96b005d0985c2ce655450c1d7557

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/local/templates/infoflot/frontend/css/app.min.css
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Fri, 10 Mar 2023 07:19:24 GMT
x-content-type-options: nosniff
last-modified: Fri, 02 Sep 2022 03:57:34 GMT
server: nginx
etag: "63117f2e-204"
content-type: image/svg+xml
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 516
expires: Sun, 09 Apr 2023 07:19:24 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCMPrEHJA.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 8D27 12 KB
12 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCMPrEHJA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

021530a3085cfe97726cfe45e266b7bbc41d25e76d64be034dc0f9d98f6aaef3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitrix.infoflot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 09:25:07 GMT
x-content-type-options: nosniff
age: 78857
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 11968
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:41:14 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 09:25:07 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 8D27 20 KB
20 KB 14ms
13ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCIPrE.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

263105b83da311cd76db478c2d958dfded7cc73be6233045a3d3a2b57b86882f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitrix.infoflot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 08:48:41 GMT
x-content-type-options: nosniff
age: 81043
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 20704
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:57:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 08:48:41 GMT

GET
H3 200 1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCGPrEHJA.woff2
fonts.gstatic.com/s/raleway/v28/ Frame 8D27 15 KB
15 KB 12ms
9ms Font
font/woff2 2a00:1450:4001:806::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/raleway/v28/1Ptxg8zYS_SKggPN4iEgvnHyvveLxVvoorCGPrEHJA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css2?family=Open+Sans:wght@400;600;700&family=PT+Sans:wght@700&family=Raleway:wght@500&display=swap

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:806::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

44a2e9953a463746e8ca2c2741e2999c96efa9fd60fae3788a44f5c2550a7cd2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://bitrix.infoflot.com
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

date: Thu, 09 Mar 2023 21:52:08 GMT
x-content-type-options: nosniff
age: 34036
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000
content-length: 14936
x-xss-protection: 0
last-modified: Mon, 18 Jul 2022 19:38:58 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="apps-themes"
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 08 Mar 2024 21:52:08 GMT

GET
H/1.1 200
OK 694b3d5cc6ccd137f256c3b25456d9654038f070.jpg
booking.infoflot.com/Uploads/6/9/4/ Frame 8D27 182 KB
183 KB 901ms
58ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/6/9/4/694b3d5cc6ccd137f256c3b25456d9654038f070.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: aa7692bc9b1a7fd639625bfc1e3d3624bf51d75753f4872a145e60cd11df3f0a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Thu, 03 Mar 2022 07:30:17 GMT
Server: nginx
ETag: "62206e89-2d8cb"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 186571
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 3d5409628c9672197ee5983cc0d9917ee481cfc1.png
booking.infoflot.com/Uploads/3/d/5/ Frame 8D27 2 KB
2 KB 903ms
60ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/3/d/5/3d5409628c9672197ee5983cc0d9917ee481cfc1.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: bd3e99952cbadeb875572d56782e88c64a530c1f453b46c2122a57a52f1a7649

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Thu, 02 Jun 2022 11:44:07 GMT
Server: nginx
ETag: "6298a287-676"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1654
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 8ba77da5e2d448909a06acc52ab523baf456604a.png
booking.infoflot.com/Uploads/8/b/a/ Frame 8D27 2 KB
2 KB 924ms
67ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/8/b/a/8ba77da5e2d448909a06acc52ab523baf456604a.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6269e67f47cf3b669c3599e8b73ba4f7ecc25c3f8180a8640381494483142072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Thu, 02 Jun 2022 11:46:56 GMT
Server: nginx
ETag: "6298a330-859"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2137
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 6322a8911e9a040bebbc444775fa0da45c34a1fc.png
booking.infoflot.com/Uploads/6/3/2/ Frame 8D27 3 KB
3 KB 936ms
62ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/6/3/2/6322a8911e9a040bebbc444775fa0da45c34a1fc.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb8af1983e34dac902efdf086a0df3add97f55dca3809ab0a957ee70a6e5ad70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Thu, 02 Jun 2022 11:50:51 GMT
Server: nginx
ETag: "6298a41b-b55"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2901
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 251408d5a3b7a02ae55e31e5f6a5ddde93c78340.png
booking.infoflot.com/Uploads/2/5/1/ Frame 8D27 2 KB
3 KB 807ms
58ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/2/5/1/251408d5a3b7a02ae55e31e5f6a5ddde93c78340.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c49cd2efc6989c071e182e45524c4151aae71e4f01c00b6fd45ed6b11a44a677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Thu, 02 Jun 2022 11:52:28 GMT
Server: nginx
ETag: "6298a47c-928"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2344
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK d02a154ae404d0f43344dbb8f5ecfd6a4c30a64c.png
booking.infoflot.com/Uploads/d/0/2/ Frame 8D27 1 KB
2 KB 138ms
63ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/d/0/2/d02a154ae404d0f43344dbb8f5ecfd6a4c30a64c.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7e5135686d467111bcf2245a1a82035752f61e635a65e86ec3bf42dff4cb7f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Thu, 02 Jun 2022 11:56:09 GMT
Server: nginx
ETag: "6298a559-549"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1353
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK f80baf23506363b2cfbf09b7a790e2273525de67.png
booking.infoflot.com/Uploads/f/8/0/ Frame 8D27 3 KB
3 KB 748ms
54ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/f/8/0/f80baf23506363b2cfbf09b7a790e2273525de67.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a3f089e892395fdbae801893e88e4fbcc4fe32f444740221bc5a1365303ab2ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Thu, 02 Jun 2022 12:35:03 GMT
Server: nginx
ETag: "6298ae77-a2f"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2607
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bd106b1984da25393b0b3d13e0c75c76fe2ae805.jpg
booking.infoflot.com/Uploads/b/d/1/ Frame 8D27 332 KB
333 KB 135ms
59ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/b/d/1/bd106b1984da25393b0b3d13e0c75c76fe2ae805.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 50d6df5d576a77cb5c63fa903f9757e8ced2b9f713135702014e2d718e326cab

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Tue, 21 Jun 2022 11:08:38 GMT
Server: nginx
ETag: "62b1a6b6-530fc"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 340220
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 263c811a265ca9267e1fc94225bd08cb2377b139.png
booking.infoflot.com/Uploads/2/6/3/ Frame 8D27 2 KB
2 KB 860ms
58ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/2/6/3/263c811a265ca9267e1fc94225bd08cb2377b139.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 8f089d7d051a3ddd396888f97ae3e204d837213b3801b63b60e40d7d1b237981

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Thu, 26 May 2022 12:40:08 GMT
Server: nginx
ETag: "628f7528-764"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1892
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 3106931078be7c80e96f510faf4896ad14f661e0.png
booking.infoflot.com/Uploads/3/1/0/ Frame 8D27 3 KB
4 KB 746ms
56ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/3/1/0/3106931078be7c80e96f510faf4896ad14f661e0.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: fbc4b1814c9f8a8b5ff8fec1622bb343d35bcf11fc61a1688f6cbf9d96fad3e0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Fri, 20 May 2022 09:31:19 GMT
Server: nginx
ETag: "62875fe7-df4"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 3572
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK cc92a7a9d72afb787300050594c7ee231cb0532d.png
booking.infoflot.com/Uploads/c/c/9/ Frame 8D27 3 KB
3 KB 799ms
57ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/c/c/9/cc92a7a9d72afb787300050594c7ee231cb0532d.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb8af1983e34dac902efdf086a0df3add97f55dca3809ab0a957ee70a6e5ad70

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Fri, 20 May 2022 09:44:57 GMT
Server: nginx
ETag: "62876319-b55"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2901
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 37ded81624ed8360eba32fab5c73c643412d7448.png
booking.infoflot.com/Uploads/3/7/d/ Frame 8D27 3 KB
3 KB 839ms
62ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/3/7/d/37ded81624ed8360eba32fab5c73c643412d7448.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a3f089e892395fdbae801893e88e4fbcc4fe32f444740221bc5a1365303ab2ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Fri, 20 May 2022 10:29:20 GMT
Server: nginx
ETag: "62876d80-a2f"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2607
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK a587abffce8c4db8aae870a19e80a5a646f6c344.png
booking.infoflot.com/Uploads/a/5/8/ Frame 8D27 2 KB
3 KB 822ms
53ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/a/5/8/a587abffce8c4db8aae870a19e80a5a646f6c344.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c49cd2efc6989c071e182e45524c4151aae71e4f01c00b6fd45ed6b11a44a677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Tue, 31 May 2022 08:27:01 GMT
Server: nginx
ETag: "6295d155-928"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2344
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK a8a91e4a107596c6bbcb967ce92419bb523a039c.png
booking.infoflot.com/Uploads/a/8/a/ Frame 8D27 1 KB
2 KB 741ms
56ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/a/8/a/a8a91e4a107596c6bbcb967ce92419bb523a039c.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7a5fb67879755b264d491e2d4cf4ead156432f71a7c25059bd55b82a86360128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Wed, 03 Aug 2022 12:20:13 GMT
Server: nginx
ETag: "62ea67fd-5ee"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1518
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK da96f4e557026a367f60d3aea76e82b4452c6f99.png
booking.infoflot.com/Uploads/d/a/9/ Frame 8D27 1 KB
2 KB 803ms
55ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/d/a/9/da96f4e557026a367f60d3aea76e82b4452c6f99.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7e5135686d467111bcf2245a1a82035752f61e635a65e86ec3bf42dff4cb7f30

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Wed, 03 Aug 2022 12:41:21 GMT
Server: nginx
ETag: "62ea6cf1-549"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1353
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 235580d0c5b6fd2b279ea9aa0a5e3ebbfe2cd556.jpg
booking.infoflot.com/Uploads/2/3/5/ Frame 8D27 220 KB
220 KB 186ms
58ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/2/3/5/235580d0c5b6fd2b279ea9aa0a5e3ebbfe2cd556.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 17ec7aa3de664bf3cd7a65e08d1ac0fb8e036aa56a4603688a806f4e7b167aca

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Mon, 20 Jun 2022 13:31:50 GMT
Server: nginx
ETag: "62b076c6-36e09"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 224777
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ed49b4a79920e616e72581549a0ad4d53da4e89b.png
booking.infoflot.com/Uploads/e/d/4/ Frame 8D27 1 KB
2 KB 125ms
54ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/e/d/4/ed49b4a79920e616e72581549a0ad4d53da4e89b.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2c8837f259ab6ce3bf8f3829097983777e579fe29bfccc02b523c425863f046a

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Fri, 10 Jun 2022 11:00:44 GMT
Server: nginx
ETag: "62a3245c-4d6"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1238
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 2029ab3c9f425b14cda1b98f00e25fd77ee47085.jpg
booking.infoflot.com/Uploads/2/0/2/ Frame 8D27 249 KB
250 KB 205ms
66ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/2/0/2/2029ab3c9f425b14cda1b98f00e25fd77ee47085.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4227e54575248855b5068347c6cdf89bdb67aa8224d91aad3c74702506bf2f73

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Thu, 03 Mar 2022 12:22:17 GMT
Server: nginx
ETag: "6220b2f9-3e5c0"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 255424
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 20f8d50dc8aa6fdd714b276cd3a2995b7fe0faa9.png
booking.infoflot.com/Uploads/2/0/f/ Frame 8D27 3 KB
3 KB 693ms
53ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/2/0/f/20f8d50dc8aa6fdd714b276cd3a2995b7fe0faa9.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: a3f089e892395fdbae801893e88e4fbcc4fe32f444740221bc5a1365303ab2ac

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Wed, 18 May 2022 08:13:53 GMT
Server: nginx
ETag: "6284aac1-a2f"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2607
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ad3fbaf21cdab17342ceea21335e503173c99195.png
booking.infoflot.com/Uploads/a/d/3/ Frame 8D27 2 KB
2 KB 862ms
53ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/a/d/3/ad3fbaf21cdab17342ceea21335e503173c99195.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 57521c3596e7cec9f7f9b57b77048926a3ead2790484df990dc2a48b5a5ec30f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Wed, 18 May 2022 07:53:25 GMT
Server: nginx
ETag: "6284a5f5-6d5"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1749
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bf689f77606a5b09f35e3841796ace20e83f2166.png
booking.infoflot.com/Uploads/b/f/6/ Frame 8D27 2 KB
3 KB 714ms
53ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/b/f/6/bf689f77606a5b09f35e3841796ace20e83f2166.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c49cd2efc6989c071e182e45524c4151aae71e4f01c00b6fd45ed6b11a44a677

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Tue, 17 May 2022 14:26:15 GMT
Server: nginx
ETag: "6283b087-928"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2344
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7dc1a636dc1ea65f03d2f6826941e984303646a4.png
booking.infoflot.com/Uploads/7/d/c/ Frame 8D27 1 KB
2 KB 768ms
53ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/7/d/c/7dc1a636dc1ea65f03d2f6826941e984303646a4.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 7a5fb67879755b264d491e2d4cf4ead156432f71a7c25059bd55b82a86360128

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Thu, 26 May 2022 12:35:46 GMT
Server: nginx
ETag: "628f7422-5ee"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 1518
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 169417aa59db2ef71e4f50f72207b176480b60e2.png
booking.infoflot.com/Uploads/1/6/9/ Frame 8D27 2 KB
3 KB 124ms
53ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/1/6/9/169417aa59db2ef71e4f50f72207b176480b60e2.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: eb6eda7e110727d960b8a98cbdbc49daa72ed09077007ccfe0f4970198f76e5f

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Thu, 26 May 2022 12:46:10 GMT
Server: nginx
ETag: "628f7692-8b9"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2233
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK d6396920cecb9bb97aa08b3fa0ddccfad86b00c3.png
booking.infoflot.com/Uploads/d/6/3/ Frame 8D27 2 KB
2 KB 776ms
61ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/d/6/3/d6396920cecb9bb97aa08b3fa0ddccfad86b00c3.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 6269e67f47cf3b669c3599e8b73ba4f7ecc25c3f8180a8640381494483142072

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Wed, 18 May 2022 08:36:52 GMT
Server: nginx
ETag: "6284b024-859"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2137
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK ec639c1b8fdaeebca75d46315a49fd2faaf1d8dc.png
booking.infoflot.com/Uploads/e/c/6/ Frame 8D27 3 KB
3 KB 743ms
58ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/e/c/6/ec639c1b8fdaeebca75d46315a49fd2faaf1d8dc.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 34c2086a80d76bec0e67b3301cde00a53c32324d66dd0162f425c3ece7edb040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Thu, 26 May 2022 12:36:17 GMT
Server: nginx
ETag: "628f7441-a54"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2644
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK d5e722941852eb4a0b83cc126f24577bf148d76a.jpg
booking.infoflot.com/Uploads/d/5/e/ Frame 8D27 327 KB
328 KB 452ms
141ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/d/5/e/d5e722941852eb4a0b83cc126f24577bf148d76a.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 9833d8d9059eac64cfca253457d67024aebe12aa26b5fa92141a50dded4c1cf0

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Mon, 14 Nov 2022 10:22:31 GMT
Server: nginx
ETag: "637216e7-51ca0"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 335008
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK c623bbd13e21b0f8c31339014dbad3b7e4e30f2a.jpg
booking.infoflot.com/Uploads/c/6/2/ Frame 8D27 414 KB
414 KB 132ms
63ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/c/6/2/c623bbd13e21b0f8c31339014dbad3b7e4e30f2a.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: c553b30a75754608428058d9b4ae1fcab6f8889d5bfd935df854f1c9bfb308fa

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Fri, 27 May 2022 12:34:53 GMT
Server: nginx
ETag: "6290c56d-6764d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 423501
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 45568f7ea8ffda08e6cb223635f2c114567378f9.jpg
booking.infoflot.com/Uploads/4/5/5/ Frame 8D27 217 KB
217 KB 576ms
62ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/4/5/5/45568f7ea8ffda08e6cb223635f2c114567378f9.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 25d8bfadabb236739c740721d93efb244017e951adf5aabf5b7e9cca633ef1e6

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Tue, 17 May 2022 11:00:32 GMT
Server: nginx
ETag: "62838050-3622d"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 221741
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK bd9eb565bd63b7c112baa6d473ee48799151352b.jpg
booking.infoflot.com/Uploads/b/d/9/ Frame 8D27 274 KB
274 KB 188ms
60ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/b/d/9/bd9eb565bd63b7c112baa6d473ee48799151352b.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 82a6f3eeb1bb7968b59e95227ded441c6b607bdb56f3cd5c737e811b5becbbd5

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Fri, 10 Jun 2022 13:45:55 GMT
Server: nginx
ETag: "62a34b13-4471b"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 280347
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK e32147b8a02d38d6fa384f1fa5480181c0711df7.jpg
booking.infoflot.com/Uploads/e/3/2/ Frame 8D27 332 KB
332 KB 172ms
59ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/e/3/2/e32147b8a02d38d6fa384f1fa5480181c0711df7.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 4f82b3e9b3612c26eace0742b71655d30c46f811c404be101fc179fa4ded4c86

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Tue, 21 Dec 2021 10:40:14 GMT
Server: nginx
ETag: "61c1af0e-52e3f"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 339519
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 1533300bb5cc5c6b33efe25f9704591df7b28689.jpg
booking.infoflot.com/Uploads/1/5/3/ Frame 8D27 226 KB
226 KB 591ms
68ms Image
image/jpeg 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/1/5/3/1533300bb5cc5c6b33efe25f9704591df7b28689.jpg
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 2cfac0c7ee8855f81704d3af783795f6d73205029219fc328e5b79910ebdf0bd

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:24 GMT
Last-Modified: Tue, 21 Dec 2021 12:58:43 GMT
Server: nginx
ETag: "61c1cf83-38719"
Content-Type: image/jpeg
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 231193
Expires: Thu, 31 Dec 2037 23:55:55 GMT

GET
H/1.1 200
OK 7e0ac90e053db24839eed5dc6230a088fefd3124.png
booking.infoflot.com/Uploads/7/e/0/ Frame 8D27 3 KB
3 KB 805ms
62ms Image
image/png 2a01:d8:4:5::1a
RU-CENTER-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://booking.infoflot.com/Uploads/7/e/0/7e0ac90e053db24839eed5dc6230a088fefd3124.png
Protocol: HTTP/1.1
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 2a01:d8:4:5::1a , Russian Federation, ASN39494 (RU-CENTER-AS, RU),
Reverse DNS
Software: nginx /
Resource Hash: 34c2086a80d76bec0e67b3301cde00a53c32324d66dd0162f425c3ece7edb040

Request headers

accept-language: de-DE,de;q=0.9
Referer: https://bitrix.infoflot.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36

Response headers

Pragma: public
Date: Fri, 10 Mar 2023 07:19:25 GMT
Last-Modified: Thu, 18 Aug 2022 13:35:43 GMT
Server: nginx
ETag: "62fe402f-a54"
Content-Type: image/png
Cache-Control: max-age=315360000, public, must-revalidate, proxy-revalidate
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 2644
Expires: Thu, 31 Dec 2037 23:55:55 GMT

POST
H2 200 26037942 Show response
mc.yandex.com/webvisor/ 43 B
145 B 53ms
52ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/26037942?wmode=0&wv-part=2&wv-hit=906532019&page-url=https%3A%2F%2Fbontour.ru%2F&rn=309677472&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678432765%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230310071925%3Au%3A1678432760858097477%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678432765&t=gdpr(14)ti(2)

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:25 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 07:19:25 GMT
content-type: image/gif
access-control-allow-origin: https://bontour.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 07:19:25 GMT

POST
H2 200 26037942 Show response
mc.yandex.com/webvisor/ 43 B
145 B 66ms
66ms XHR
image/gif 2a02:6b8::1:119
GLOBAL_DC

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/26037942?wmode=0&wv-part=3&wv-hit=906532019&page-url=https%3A%2F%2Fbontour.ru%2F&rn=67213776&wv-type=3&browser-info=bt%3A1%3Awe%3A1%3Aet%3A1678432767%3Aw%3A1600x1200%3Av%3A970%3Az%3A0%3Ai%3A20230310071927%3Au%3A1678432760858097477%3Avf%3Asmv4ejgyf4ncs18xtvrvr%3Ast%3A1678432767&t=gdpr(14)ti(2)

Requested by

Host: front.sletat.ru
URL: https://front.sletat.ru/modules/module6/latest/module.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://bontour.ru/
accept-language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/111.0.5563.64 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Fri, 10 Mar 2023 07:19:27 GMT
strict-transport-security: max-age=31536000
last-modified: Fri, 10-Mar-2023 07:19:27 GMT
content-type: image/gif
access-control-allow-origin: https://bontour.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Fri, 10-Mar-2023 07:19:27 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: bitrix.infoflot.com
URL: https://bitrix.infoflot.com/rest/api/search.filter/?key=YTo0OntzOjI6IklEIjtzOjM6Ijg2NiI7czo0OiJVU0VSIjtzOjI4OiJibUYwWVd4cFlTMXVRR0p2Ym5SdmRYSXVjblU9IjtzOjY6IlJBTkRPTSI7czo4OiJmZWx3bWd3ZyI7czoxNToiSU5GT0ZMT1QtQVBJS0VZIjtzOjQwOiI3YTdlYjM1N2VlMzVmNzc1ZmJhZGFiMzIwMWVkNjE0YTM0OGQwYjM5Ijt9

Verdicts & Comments Add Verdict or Comment

88 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

26 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
c.sberlead.ru/clickstream-analytics-bh	1970-01-20 19:49:52	Name: deviceGuid Value: "41a8d75e-e070-490b-b74d-41c317afd9de"
bontour.ru/	1970-01-20 15:36:32	Name: beget Value: begetok
.bontour.ru/	1969-12-31 23:59:59	Name: key Value: value
bontour.ru/	1969-12-31 23:59:59	Name: PHPSESSID Value: 191957a8c257ea06db75b95c6dcfef69
.bontour.ru/	1970-01-20 10:15:19	Name: _gid Value: GA1.2.1850787857.1678432760
.bontour.ru/	1970-01-20 10:13:52	Name: _gat_UA-91619081-1 Value: 1
.bontour.ru/	1970-01-20 19:49:52	Name: _ga_9E8Q5PRV6V Value: GS1.1.1678432760.1.0.1678432760.60.0.0
.bontour.ru/	1970-01-20 19:49:52	Name: _ga Value: GA1.1.11606577.1678432760
.bontour.ru/	1970-01-20 18:59:28	Name: _ym_uid Value: 1678432760858097477
.bontour.ru/	1970-01-20 18:59:28	Name: _ym_d Value: 1678432760
.vk.com/	1970-01-20 18:51:05	Name: remixlang Value: 6
.vk.com/	1970-01-20 18:59:28	Name: remixstlid Value: 9078225930431454173_toXOUt8EEqfyR6NOjcTp75Cjmzhzo3qDPNCWCMtFOL4
bitrix.infoflot.com/	1969-12-31 23:59:59	Name: PHPSESSID Value: YrFUTz34exNMsmDql8fJQ4eP5bOxGK07
.mc.yandex.com/	1970-01-20 10:13:53	Name: sync_cookie_csrf Value: 3086504542fake
.bontour.ru/	1970-01-20 10:15:04	Name: _ym_isad Value: 2
.bontour.ru/	1970-01-20 18:13:23	Name: tmr_lvid Value: 26d1721ef1b872af7fefa91b2e97e277
.bontour.ru/	1970-01-20 18:13:23	Name: tmr_lvidTS Value: 1678432760498
.mc.yandex.ru/	1970-01-20 10:13:53	Name: sync_cookie_csrf Value: 4223916705fake
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 2682738721678432760
.yandex.com/	1970-01-20 19:49:52	Name: i Value: 1mmmZQ0dY8BBaJ3YyBBC/BMf/SsKvmP3B55HzVC1oTIMiTDbLZNUh5dEVo8KPylv+jgCK0doMee+Qv/umVIW8xSWO/s=
.yandex.com/	1970-01-20 18:59:28	Name: yandexuid Value: 5546096831678432760
.yandex.com/	1970-01-20 18:59:28	Name: yuidss Value: 5546096831678432760
.yandex.com/	1970-01-20 18:59:28	Name: ymex Value: 1709968760.yc.1678432760#1709968760.yrts.1678432760#1709968760.yrtsi.1678432760
.bontour.ru/	1970-01-20 10:13:54	Name: _ym_visorc Value: w
.mail.ru/	1970-01-20 19:00:55	Name: VID Value: 1QEA5Y3EoQYG00000p1cP4IG:::0-0-0-92532b8:CAASENsASlhEIBRu3qjGfQzpoEYaYBVQmUnN72nFkGZjkJaAMcG8jFsxyZXmQfT_9J7sib-oqq6fJZyfEc6JdQhv4pqIkpYv8M571TFEDrtTMIKYLaMOqsDt4Ib69ETnRT_Nv_GjQKpfzUBlAQWc6A9OyBlAXQ
bontour.ru/	1970-01-20 10:15:19	Name: tmr_detect Value: 0%7C1678432762935

1 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://bontour.ru/sitemap.xml Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

bitrix.infoflot.com
bontour.ru
booking.infoflot.com
c.sberlead.ru
cdn.jsdelivr.net
code.jivo.ru
code.jivosite.com
code.jquery.com
fonts.googleapis.com
fonts.gstatic.com
front.sletat.ru
mc.yandex.com
mc.yandex.ru
module.sletat.ru
modulesettings.sletat.ru
node-sber1-az3-3.jivosite.com
region1.analytics.google.com
static.sletat.ru
stats.g.doubleclick.net
top-fwz1.mail.ru
vk.com
www.google-analytics.com
www.google.com
www.google.de
www.googletagmanager.com
bitrix.infoflot.com
188.225.80.60
2001:4860:4802:34::36
2001:4de0:ac18::1:a:2b
2606:4700::6810:5914
2a00:1450:4001:806::2003
2a00:1450:4001:80b::200a
2a00:1450:4001:810::200e
2a00:1450:4001:829::2003
2a00:1450:4001:82a::2008
2a00:1450:4001:831::2004
2a00:1450:400c:c06::9c
2a01:d8:4:5::1a
2a02:6b8::1:119
2a13:1ec0:1000::1073
31.131.248.50
31.131.248.51
37.18.73.104
46.243.227.42
81.200.112.216
87.240.132.72
95.163.52.67
00b6294afc61ef4bc202f191b68fffc31d344395ac3ce8d6c4fc8d0e4a25a399
021530a3085cfe97726cfe45e266b7bbc41d25e76d64be034dc0f9d98f6aaef3
025131d9c15ae8bc85f70a51c95aece581630b3dc3caa26cfeb1f79532c224d4
041c6681a45e699e733ccc0f047048d8a7c7bd0683d7ec8726abc5b6a5781caa
04a32a01bcef264c98a7125b2d0461eeab8b92c58fddcfffa4216eb7b925d284
05240da99e7fe68fda1501e4a21dfad862fb74710674fa8cb77ed5a212acd607
09a6e67d7219eb33f59cabadd73e390867333f7b222938698d6f63889b4d197b
0db24732e1d9fb974c1651a40165d9a5869bd8bb8e94d40ee74abce6a26de81c
0f6d567745426a11367c78761428e6fcb13b2ceb57ed6a0a5284ce03d16929e4
0fa75c4b7aacc2930755b523f2fe513caa612ee13b3f085f30a325dfd1e6a2ec
1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab
141f0c53e457585d4ac7426eb3d757666d250ee6fbf0e9c0878128e4c627f0b1
173d4c89910e26f52388434cfd4a200f66ec779b212e33e34c78f7247bba37f4
17ec7aa3de664bf3cd7a65e08d1ac0fb8e036aa56a4603688a806f4e7b167aca
1a045fdc088409e4e87d57617de7a9b613bf251c12997180910faeed8fa7aba1
1e0a67fc730cec145fa5d3ff57421eea36f7c31d1b2acc56bc0346728079bfaa
1e3025766b2cdc8f8aa76f2a9ad7b1f5c7eb1126c011760169643697725e8bae
2273a563ad580e71134f573d062216a6e9be7b12a7de638e7549c0ab4e750a5d
228567abbd6de1e300654f5fd8a2937c048b34498377e1b9f17211d530a7166e
239150a07190e8e9d04385f38cb1a30afc4ef5cade4bbd2d0a9db5d7d31d4c9d
23b9bc567b1829ba90788369a6daed03a97f0e7152fd00eb59269525bcd2ceb8
24c0e724005344165ee0a0ff4c96a914e174bb4caa20c8a533fb194d92853e95
24e480e4659fbae818853a38f8a3036f529f539024dc3e772c0b594ce02ea9db
25d8bfadabb236739c740721d93efb244017e951adf5aabf5b7e9cca633ef1e6
263105b83da311cd76db478c2d958dfded7cc73be6233045a3d3a2b57b86882f
27a7b7885628ffbab9bdba970273bf42e02a176568602353503dfa959dfab09e
2c8837f259ab6ce3bf8f3829097983777e579fe29bfccc02b523c425863f046a
2cfac0c7ee8855f81704d3af783795f6d73205029219fc328e5b79910ebdf0bd
2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef
2f7760ee2b81f4659c6f34ada0f7a7d263c2ce6035c2b5f4b082fac60802897e
31736e03a538daad8ef8a0cc00e637f4386b4f97ab42b36eeb0986f1a54f1ff7
34c2086a80d76bec0e67b3301cde00a53c32324d66dd0162f425c3ece7edb040
3609d71ebafb0c2c12076d77311383fa03ca59aab2d56e40fb76db9b69c804de
361aec8d77f670e1b17b3cac12f67ac227cf1683a286c3bc1aeb62c4f5ed76cd
399cd0a456e30f69bac083b3655ec1e9d0bc94af7ce486bbf6e31c167b4f18a8
3ab905b1ac3a5d6fc2bd65dda9bfae5b8c4c9b230fa946f0239126c6817ba60b
3b092a51a3d2aa129aaf9d2b9c3f802e38bea1c1ff3d327f9a2bcc96202d0598
3b6f26d1138402a1361f29c31b0c549ac5313f0804560e94285a51b17ebf587e
409437c587e4bb3dcdcbafabc8d925f5e32d0c0b7d760e0ab31d01e154876a0a
40bade4abd4e5b657379b7f3814d6ca5878b50c3567a5bbef6f77ace390a98b2
4227e54575248855b5068347c6cdf89bdb67aa8224d91aad3c74702506bf2f73
44a2e9953a463746e8ca2c2741e2999c96efa9fd60fae3788a44f5c2550a7cd2
47aa3bfad6cb9e2d63abdd58f4e6ce4f7b9fd2704b2b15193c71874035fe025d
48f3941ff683ad084b452d3409e9afa51399c151e3a8a3599070f6d58e25d243
495d38d4b9741e8aa4204002414069e2d8db9f3c60b60e195e4d74381462dee9
4b940065e2a67c37e3bd02b23c651f4744a3c219aba2d4fb99a631113494d376
4d9c1c1bf1a712985b8a878245f5db012cc3bde9c2b562727840706e5c577c6c
4f82b3e9b3612c26eace0742b71655d30c46f811c404be101fc179fa4ded4c86
4fff268b1b48a6d8a3d07389fcd494cc6005ca5d81b24c3f9608d1158dce15b8
50cb67053b49ad7436c3c2ecbae6d2df1f6cd24b66613020f78edb1818dafa59
50d6df5d576a77cb5c63fa903f9757e8ced2b9f713135702014e2d718e326cab
53f4cc30a0cdd34d16dfda9a1e410b541dd08c7711fc2a763045b812ba65150c
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
54ade860668186a60816a95a13faa8ce43a79438c8f1c5a15e967853e02465c0
57521c3596e7cec9f7f9b57b77048926a3ead2790484df990dc2a48b5a5ec30f
578d3a04b2110477868628a26e0fa968a626ab56f1a874d1f7bbfa0c46229d6a
58cbefaf0f461dc0670eaff4da9f2a2e4f1000e1dfebec0ba390f9859b7792f6
58ebc348c8afcccdc7d7e2e3ec1d14a0a7f8d20190c3d33fef7c2c62a013e820
5971b095cff574a66d35ada016d4c077c86e2dea62e9c0f14cf7c94b258619de
59bd288e64c57e034672999e33ebda6eb5ad1575945eb563dbfb5b44f226e1e1
5b0f1566dc493cd6f6c37b125eb38c79a5046f5bb8a35aafcf5f64fd259ef1e0
5c5e67376747464a3e1bf26a12c4ca70c2dafbcc51d23bd1dbf8519aa8f060b1
5cfdd64e3a2a656bd861c6a07f4dbb27e402ce7e2a88367081faec94119680d7
5e5f9f937f297e0278dce0115a1829bc1939951fca50c698ffac032d6b798f82
6269e67f47cf3b669c3599e8b73ba4f7ecc25c3f8180a8640381494483142072
639f06a9a4840ca7d1f06bd26a8e9a81cb238670b3a975530bcc16cd36176fd9
64333aee026d0b25a94df1b97d5c17a35cd41ccec70e11b18380d405664211db
64e4de71a710bbb6b7bc79ec8e2bf2d9b3132e8330d29b6d50479eb95238e8d1
67fd641216208634989f2b7a2735b1a0b2c2d45e70837f346cebd0fc8a31f8ea
6a1ee081dc8e015b9828c6455908096c381b392ce84db39c0f74ba5d9fb041cc
6a43f38ecd96ed1e24d6fc79c99f42276185bcd4eb9d66ecbb82720600574ebf
6a84eeee6a25e7c9a8a03191007a6720566b5a2aa2384d36168fb07f49e97e9e
6c5150612ec9b77b14f65440fc214bbd68256856a74943d0b089288a21ae06a0
6d520a7b3c4b05e4cf668da7504010f75c0b95a01664e3b84690e99d627fd9af
6e30be95c88e3acf121f68a271f54b13af21cd26e311fe37df694874edfd48c7
6f1e145d88c4b3f343055576d559fa8999045d205ea2f4e0d84f3b539c56ced8
6fba15e4ebe3e5a61b0b98d71f778f090d93c42aa003dfa18bacdfa991523cfc
738dd861edebcae3f80a3a947e183216c1eaa4029ef6026d1f76997ac02550a9
73b76228a813f0146c3f4c313bfb7f966f44f7eb93dd8611ca475eda3efcc173
7633b7c0c97d19e682feee8afa2738523fcb2a14544a550572caeecd2eefe66b
79c729b62410e675e6629dac39332d2119d355c84d803d40c4af4a94577878a2
7a5fb67879755b264d491e2d4cf4ead156432f71a7c25059bd55b82a86360128
7a9d6a4ea5a8bfa3b302c4057a024ead1fbeb8c30fa9069f7d112e1e6c75feb4
7c2c86e10a65e5ab57166e5e9124d47f90e582eba901aaccffc032b9eba46d5b
7e1f1503df765cca5e099891b94e318a2ef95081ba2af1eb6d417cc884bfdbfe
7e5135686d467111bcf2245a1a82035752f61e635a65e86ec3bf42dff4cb7f30
7f1d0ad08e99fd94041679d0a55a90426162b0305ab5daaf9fcb1d58867381ad
829ad3ed0c2f892e7df84989078dd4246fc0a5f1a179439e6314462465dbb2f6
82a6f3eeb1bb7968b59e95227ded441c6b607bdb56f3cd5c737e811b5becbbd5
83ea34e08eaf382125ac8865d53ec5c3037ab286c5d2c88db6b63664ef4e1b28
84e01419bd81f32ac6df0f75f49c604fda9172000a3ae432b3c47b2a6a712d80
86358469a3188d8dae051045546110638b6c55e8d4ff55859c381ac202ed4769
87252016d274974289bc8ac2f0fed5c9c5fd5ac3739345376cae8279a4d74e1b
8778e9af2422858d7052ff9a0f3c12c08ae976bdd6e0316db144cd5579cd97db
87f3eaa531e765d3b1c53923d06bf568f150edead76c6bc4105e308c041144c9
8acd180b7942eaa71c0ea26de36c05472c97a78b9f0341572b367ae60f209087
8ade6740a1d3cfedf81e28d9250929341207b23a55f1be90ccc26cf6d98e052a
8cffbe5dd03d9554f149b4befcb8747bd355609216385c71fe9ccd74ef49d20b
8f089d7d051a3ddd396888f97ae3e204d837213b3801b63b60e40d7d1b237981
9833d8d9059eac64cfca253457d67024aebe12aa26b5fa92141a50dded4c1cf0
98c34f518c2f423a8f18de9a992bf9ae6cf9b599e2bfd411d8fb29071b4b146d
98fc48396daf6742203aaeca0c0bf2637c2b43411452aaf72be0f373023b675d
9906534230828b2ea67af9b9d589e1b1c8dac175282d2ed3e15aa23dbac9f303
99f4f0b8ff330a1ead240300e94cc007d61f2980084836722612da339c0a932b
9b529339a665e82d192237dfd66d866a28708c532cde526a53a25ab96440c745
9c51f910a581adfa2d21eeb97fd6985e322745af99e4501ee94dd035ef20e364
9cc6fead79b723d054a932024d3d8971832565a64c7eb79d19ff529711f86b19
a3f089e892395fdbae801893e88e4fbcc4fe32f444740221bc5a1365303ab2ac
a5bd14f143101f651bd9a1c65b62de79583d63e9eadfa11ecf6ac7fe8a1a494e
a8ad1edfa3bca8656f3371479bb84a659d8a96b005d0985c2ce655450c1d7557
a966ed0ca0d951d32060effb354936830dfd58ab0687d5489efc1cdc424cbb2f
a9b067c295933b009389e9febe65ad992e5b3fd54e05c10b467d77ed6ea2351c
aa4574e5fec0b4987cf9a0dfbeb30e23a41ac2a2805f96df6d4bd1d35ec34edd
aa7692bc9b1a7fd639625bfc1e3d3624bf51d75753f4872a145e60cd11df3f0a
ab4c1983343a46eebbc7ea487bd200cedae7947347c99ba2dc1330a946039e92
ab8135bb7f71348cfe6d0b7d3e0539b239baba8d461bdbd1baa980e977871933
aec60bc104db041b1512185839f18f52986df7e569e5445f740dd60f763fbca8
b134fc3f777a1aeb46d45b7999e88fb655daa62f4fafe5bcaed5f70b4bb7bcef
b278502523c61586174352be807ab9e667b2237d2d78e74e063fdb654a3d711c
b2c7be56ad296dd8cca02499a856199ea218ccd010792c88401746af5edc1541
b2dc460864a60ac3ce89c4c6fab1c62ef9171ac1365cc47aa8aca95ecb06f0cf
bb8007225d94a099cddbade7ea904667c0dd0b68d5e30778e5c6257589ab94d1
bbb5ec2ae39cd850155bed6bafa098b5c2d4059fae38395f2a9eb8160c4863ed
bd3e99952cbadeb875572d56782e88c64a530c1f453b46c2122a57a52f1a7649
be31fb55d198f0a2bc969e70857e7ab9388e6dce6f26c2bea85a6cd827eae666
c19a56f6b0c70159ed8564d7dd8dcb9d2c39dee226f74de17d28fedc6ed6ab74
c49cd2efc6989c071e182e45524c4151aae71e4f01c00b6fd45ed6b11a44a677
c553b30a75754608428058d9b4ae1fcab6f8889d5bfd935df854f1c9bfb308fa
c6e4daf7c7b3d92ce0220743aac266efabf62122c4da3f5c4fc004ce2dd9e554
caeec0b59ba7ea579ce20d9b84e6d9b4a55ff0d4bd27126b0929b3d2de644cd4
cb558ade4aadf1d29db46a06447e11738ed2212d1378791f01cd0f9c70de7b7f
cbdd5c1ba6244f974f464921d258ef4ccdf3e995c832de0fc2978eba80e696e4
cc140ef1e7c5d527ebb4e2e73107909cd646fd0bbdb10ebad305166c8c1b5204
ccf5aabec5f8aeeb9ac6c5ad3c6ac4804c13ee1cf4a12ed004149efc5d21ebc2
cda4a81c187015d95ed2c71f1841540b08203cdec5fa2a7d5d1825a3c2166f8c
cf42dfa9fa14fe9486252c3f7da16d64aa2397a84f2e152632cc806335602bb1
cf9af87c780a541b435b62d70cdb32570c49fbc8108fdbba4274d84125711b2c
d0219c1c8ebd7895f6beb61419bdb45ddce4ed1626802cf03360a874986df947
d29ad0c45b5d59035adef5b924331bbdb069e9e84acdff54216a851992163cf1
d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11
d6559e15fa4090dd921467b6da0e02ef0198641f86b2c81faba5648dec24f113
db0424fb67fb52e7e538490240cc7fb9c05aa076333a4968f3dee30b825dabf9
dbc2f0527f7631ee5f51d85b32973313c4c04c0eb2367f969fb5e14654cfa012
dfb6aa04fe174f86ed5fb8b8614b34eb5baa2c018efce8d0e0315c682059a65e
e13da2ba4f2b847553a4f925238ccc1de13e72870053284b91b7bf59ffe11aa7
e2a08fcf21bc578269fa56dd872caad03f7216f76040b52f1e0f17881028c5bc
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e976a6ddb4553c51f633b7e40ed0800ad18186a38cd8e68d3b1dbd9d3698b47a
eb6eda7e110727d960b8a98cbdbc49daa72ed09077007ccfe0f4970198f76e5f
eb8af1983e34dac902efdf086a0df3add97f55dca3809ab0a957ee70a6e5ad70
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
f2cbe3092c8fa5b401a520407dd7fdacfcfe3e5f067462db6a0fca3417ccd280
f4d5b4d88a4b904e2c3b1fb7d3f9ce5245872b11a3e635eb30caa08415930d8e
f5aebdfea35d1e7656ef4acc5db1f243209755ae3300943ef8fc6280f363c860
f6734f8177112c0839b961f96d813fcb189d81b60e96c33278c1983b6f419615
f71fb1202b8d57ad5d8bc7cbf6133c86fa94b74a6c52c4fb01008214db9f049d
f7244fff610595b944f76bf3080d74e3af42b5dd234f8f079e698cc39ac966b0
f75911313e1c7802c23345ab57e754d87801581706780c993fb23ff4e0fe62ef
f97b2215ad238391faa94d93b6a79bb11e8038f9d42d99150ff013515a6f4750
fbc4b1814c9f8a8b5ff8fec1622bb343d35bcf11fc61a1688f6cbf9d96fad3e0
fc4b6fe5ab5ba13bbf8926a5388785b51f845ca15e877209e4be6f8622a96fb9
fdaa8b72e5f72dc4b11244459070632baec41585fc4fa74741e54c8b006250bd
ff1523fb7389539c84c65aba19260648793bb4f5e29329d2ee8804bc37a3fe6e
ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43
ffdf3f9b760ccde690795bdfd9746bc606462af2e98c5e14029236a5478fb0a8

bontour.ru Open in urlscan Pro 81.200.112.216 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

215 Requests

98 %HTTPS

62 %IPv6

19 Domains

25 Subdomains

22 IPs

6 Countries

7499 kBTransfer

16565 kBSize

26 Cookies

7 Outgoing links

Page URL History

Redirected requests

215 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 8 data transactions

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

bontour.ru Open in urlscan Pro
81.200.112.216 Public Scan

Screenshot
Live screenshot

Full Image

215
Requests

98 %
HTTPS

62 %
IPv6

19
Domains

25
Subdomains

22
IPs

6
Countries

7499 kB
Transfer

16565 kB
Size

26
Cookies

215 HTTP transactions
8 data transactions