oknaforlife.ru Open in urlscan Pro
87.236.16.42 Public Scan

Go To Rescan
Add Verdict Report

Submitted URL:
http://intelcentre.ru/
Effective URL:
https://oknaforlife.ru/
Submission: On March 19 via api (March 19th 2022, 5:20:15 am UTC) from US — Scanned from DE

Summary HTTP 120 Redirects Links 4 Behaviour Indicators

Summary

This website contacted 46 IPs in 7 countries across 44 domains to perform 120 HTTP transactions. The main IP is 87.236.16.42, located in Russian Federation and belongs to BEGET-AS, RU. The main domain is oknaforlife.ru.
TLS certificate: Issued by R3 on March 2nd 2022. Valid for: 3 months.

This is the only time oknaforlife.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
1 1	45.130.41.15 45.130.41.15	198610 (BEGET-AS) (BEGET-AS)
3 25	87.236.16.42 87.236.16.42	198610 (BEGET-AS) (BEGET-AS)
10	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:830::200a	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:810::200a	15169 (GOOGLE) (GOOGLE)
1	159.69.75.12 159.69.75.12	24940 (HETZNER-AS) (HETZNER-AS)
5	62.76.25.28 62.76.25.28	61400 (NETRACK-AS) (NETRACK-AS)
1	45.130.41.21 45.130.41.21	198610 (BEGET-AS) (BEGET-AS)
3 9	2a02:6b8::1:119 2a02:6b8::1:119	208722 (YNDX) (YNDX)
7	2a00:1450:400... 2a00:1450:400e:800::2002	15169 (GOOGLE) (GOOGLE)
5	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
1	142.250.184.226 142.250.184.226	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:803::2002	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:827::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
9	2a00:1450:400... 2a00:1450:4001:82a::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
3 5	185.26.99.247 185.26.99.247	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1	217.12.104.100 217.12.104.100	15632 (ALFA-BANK-AS) (ALFA-BANK-AS)
1 2	178.248.232.86 178.248.232.86	197068 (QRATOR) (QRATOR)
1 2	93.171.200.70 93.171.200.70	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
1	193.233.15.88 193.233.15.88	42745 (SAFEVALUE-AS) (SAFEVALUE-AS)
1	93.171.200.6 93.171.200.6	50245 (SERVEREL-AS) (SERVEREL-AS)
1 2	93.171.200.41 93.171.200.41	50245 (SERVEREL-AS) (SERVEREL-AS)
2 3	5.187.5.24 5.187.5.24	44066 (DE-FIRSTC...) (DE-FIRSTCOLO www.first-colo.net)
1 1	185.106.81.236 185.106.81.236	7979 (SERVERS-COM) (SERVERS-COM)
1	2606:4700:10:... 2606:4700:10::6816:3c96	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 3	190.115.31.9 190.115.31.9	262254 (DDOS-GUAR...) (DDOS-GUARD CORP.)
2 3	193.168.47.253 193.168.47.253	198610 (BEGET-AS) (BEGET-AS)
1	2a00:f940:4::8 2a00:f940:4::8	197695 (AS-REG) (AS-REG)
1 2	2a03:6f00:1:2... 2a03:6f00:1:2::5c35:746b	9123 (TIMEWEB-AS) (TIMEWEB-AS)
1	89.208.226.140 89.208.226.140	12695 (DINET-AS) (DINET-AS)
1	2606:4700:20:... 2606:4700:20::681a:cc8	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1	2606:4700:10:... 2606:4700:10::6816:24bf	13335 (CLOUDFLAR...) (CLOUDFLARENET)
2 2	104.111.216.213 104.111.216.213	16625 (AKAMAI-AS) (AKAMAI-AS)
1 2	62.128.97.7 62.128.97.7	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1 1	62.128.97.25 62.128.97.25	45102 (ALIBABA-C...) (ALIBABA-CN-NET Alibaba US Technology Co.)
1	2606:4700:10:... 2606:4700:10::6814:33a1	13335 (CLOUDFLAR...) (CLOUDFLARENET)
1 1	116.202.164.135 116.202.164.135	24940 (HETZNER-AS) (HETZNER-AS)
1	5.253.61.60 5.253.61.60	211642 (ADMINVPS) (ADMINVPS)
1 2	185.26.122.131 185.26.122.131	62082 (HOSTLAND) (HOSTLAND)
1	185.203.72.141 185.203.72.141	42240 (VARITI-IN...) (VARITI-INT-AS)
1 2	78.110.50.108 78.110.50.108	31240 (HT-SYSTEM...) (HT-SYSTEMS-AS Uplinks:)
3 4	142.250.186.130 142.250.186.130	15169 (GOOGLE) (GOOGLE)
3 5	2.18.234.21 2.18.234.21	16625 (AKAMAI-AS) (AKAMAI-AS)
3 4	37.252.173.62 37.252.173.62	29990 (ASN-APPNEX) (ASN-APPNEX)
6	2a00:1450:400... 2a00:1450:4001:829::2006	15169 (GOOGLE) (GOOGLE)
2	142.250.185.194 142.250.185.194	15169 (GOOGLE) (GOOGLE)
1	85.14.248.91 85.14.248.91	24961 (MYLOC-AS ...) (MYLOC-AS IP Backbone of myLoc managed IT AG)
1	2a02:26f0:fb:... 2a02:26f0:fb::5f65:5922	20940 (AKAMAI-ASN1) (AKAMAI-ASN1)
120	46

1 45.130.41.15 (Russian Federation) 1 redirects

ASN198610 (BEGET-AS, RU)

intelcentre.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

25 87.236.16.42 (Russian Federation) 3 redirects

ASN198610 (BEGET-AS, RU)
PTR: ssl.wolf2.beget.com

oknaforlife.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

10 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:830::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:810::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ajax.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 159.69.75.12 (Germany)

ASN24940 (HETZNER-AS, DE)
PTR: static.12.75.69.159.clients.your-server.de

bigreal.org	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 62.76.25.28 (Moscow, Russian Federation)

ASN61400 (NETRACK-AS, RU)

iexqhm.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 45.130.41.21 (Russian Federation)

ASN198610 (BEGET-AS, RU)
PTR: ssl.quasar.beget.com

static20.online	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a02:6b8::1:119 (Moscow, Russian Federation) 3 redirects

ASN208722 (YNDX, FI)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
mc.yandex.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:400e:800::2002 (Ireland)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.184.226 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s12-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:803::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:827::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

9 2a00:1450:4001:82a::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 185.26.99.247 (Frankfurt am Main, Germany) 3 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde430-2.fornex.org

ad.admitad.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 217.12.104.100 (Russian Federation)

ASN15632 (ALFA-BANK-AS, RU)

alfabank.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 178.248.232.86 (Russian Federation) 1 redirects

ASN197068 (QRATOR, RU)

webmaster.leads.su	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.171.200.70 (Czech Republic) 1 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: gw.gogetlinks.net

www.gogetlinks.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 193.233.15.88 (Russian Federation)

ASN42745 (SAFEVALUE-AS, DE)

www.rookee.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 93.171.200.6 (Czech Republic)

ASN50245 (SERVEREL-AS, NL)
PTR: www.miralinks.ru

www.miralinks.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 93.171.200.41 (Czech Republic) 1 redirects

ASN50245 (SERVEREL-AS, NL)
PTR: kwork.ru

kwork.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 5.187.5.24 (Frankfurt am Main, Germany) 2 redirects

ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE)
PTR: dsde334-1.fornex.org

letyshops.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.106.81.236 (Netherlands) 1 redirects

ASN7979 (SERVERS-COM, US)

aviasales.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:3c96 (United States)

ASN13335 (CLOUDFLARENET, US)

www.aviasales.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 190.115.31.9 (Belize City, Belize) 2 redirects

ASN262254 (DDOS-GUARD CORP., BZ)
PTR: ddos-guard.net

allpositions.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 193.168.47.253 (Russian Federation) 2 redirects

ASN198610 (BEGET-AS, RU)

beget.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:f940:4::8 (Russian Federation)

ASN197695 (AS-REG, RU)

www.reg.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a03:6f00:1:2::5c35:746b (Russian Federation) 1 redirects

ASN9123 (TIMEWEB-AS, RU)

timeweb.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 89.208.226.140 (Balashikha, Russian Federation)

ASN12695 (DINET-AS, RU)

advego.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:20::681a:cc8 (United States)

ASN13335 (CLOUDFLARENET, US)

text.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6816:24bf (United States)

ASN13335 (CLOUDFLARENET, US)

www.etxt.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 104.111.216.213 (Frankfurt am Main, Germany) 2 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a104-111-216-213.deploy.static.akamaitechnologies.com

s.click.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
login.aliexpress.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 62.128.97.7 (Moscow, Russian Federation) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

best.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 62.128.97.25 (Moscow, Russian Federation) 1 redirects

ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN)

login.aliexpress.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2606:4700:10::6814:33a1 (United States)

ASN13335 (CLOUDFLARENET, US)

hostiq.ua	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 116.202.164.135 (Germany) 1 redirects

ASN24940 (HETZNER-AS, DE)
PTR: my.adminvps.ru

my.adminvps.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 5.253.61.60 (Russian Federation)

ASN211642 (ADMINVPS, RU)

adminvps.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 185.26.122.131 (Russian Federation) 1 redirects

ASN62082 (HOSTLAND, RU)
PTR: serv131.hostland.ru

www.hostland.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 185.203.72.141 (Russian Federation)

ASN42240 (VARITI-INT-AS, RU)

fozzy.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 78.110.50.108 (Moscow, Russian Federation) 1 redirects

ASN31240 (HT-SYSTEMS-AS Uplinks:, RU)
PTR: c6-w.ht-systems.ru

www.hts.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 142.250.186.130 (United States) 3 redirects

ASN15169 (GOOGLE, US)
PTR: fra24s07-in-f2.1e100.net

cm.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2.18.234.21 (Frankfurt am Main, Germany) 3 redirects

ASN16625 (AKAMAI-AS, US)
PTR: a2-18-234-21.deploy.static.akamaitechnologies.com

dsum-sec.casalemedia.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 37.252.173.62 (Frankfurt am Main, Germany) 3 redirects

ASN29990 (ASN-APPNEX, US)
PTR: 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

ib.adnxs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:829::2006 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

s0.2mdn.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 142.250.185.194 (United States)

ASN15169 (GOOGLE, US)
PTR: fra16s52-in-f2.1e100.net

googleads4.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 85.14.248.91 (Meerbusch, Germany)

ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE)

m.exactag.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a02:26f0:fb::5f65:5922 (Frankfurt am Main, Germany)

ASN20940 (AKAMAI-ASN1, NL)

code.createjs.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
25	oknaforlife.ru 3 redirects oknaforlife.ru	346 KB
19	googlesyndication.com pagead2.googlesyndication.com — Cisco Umbrella Rank: 90 tpc.googlesyndication.com — Cisco Umbrella Rank: 122	309 KB
12	doubleclick.net 3 redirects googleads.g.doubleclick.net — Cisco Umbrella Rank: 38 cm.g.doubleclick.net — Cisco Umbrella Rank: 176 googleads4.g.doubleclick.net — Cisco Umbrella Rank: 276	105 KB
8	gstatic.com fonts.gstatic.com www.gstatic.com	74 KB
7	yandex.com 2 redirects mc.yandex.com — Cisco Umbrella Rank: 28691	2 KB
6	2mdn.net s0.2mdn.net — Cisco Umbrella Rank: 246	126 KB
5	casalemedia.com 3 redirects dsum-sec.casalemedia.com — Cisco Umbrella Rank: 496	4 KB
5	admitad.com 3 redirects ad.admitad.com — Cisco Umbrella Rank: 36269	1 KB
5	iexqhm.com iexqhm.com	88 KB
5	googleapis.com fonts.googleapis.com — Cisco Umbrella Rank: 35 ajax.googleapis.com — Cisco Umbrella Rank: 251	98 KB
4	adnxs.com 3 redirects ib.adnxs.com — Cisco Umbrella Rank: 205	4 KB
3	aliexpress.ru 2 redirects best.aliexpress.ru — Cisco Umbrella Rank: 290024 login.aliexpress.ru — Cisco Umbrella Rank: 35596	2 KB
3	beget.com 2 redirects beget.com — Cisco Umbrella Rank: 120790	589 B
3	allpositions.ru 2 redirects allpositions.ru	413 B
3	letyshops.com 2 redirects letyshops.com — Cisco Umbrella Rank: 79033	1 KB
2	hts.ru 1 redirects www.hts.ru	1 KB
2	hostland.ru 1 redirects www.hostland.ru	133 B
2	adminvps.ru 1 redirects my.adminvps.ru adminvps.ru	612 B
2	aliexpress.com 2 redirects s.click.aliexpress.com — Cisco Umbrella Rank: 25735 login.aliexpress.com — Cisco Umbrella Rank: 32032	3 KB
2	timeweb.com 1 redirects timeweb.com — Cisco Umbrella Rank: 440457	3 KB
2	aviasales.ru 1 redirects aviasales.ru — Cisco Umbrella Rank: 143349 www.aviasales.ru — Cisco Umbrella Rank: 196244	219 B
2	kwork.ru 1 redirects kwork.ru — Cisco Umbrella Rank: 419359	609 B
2	gogetlinks.net 1 redirects www.gogetlinks.net	442 B
2	leads.su 1 redirects webmaster.leads.su	737 B
2	googletagservices.com www.googletagservices.com — Cisco Umbrella Rank: 147	72 KB
2	google.com adservice.google.com — Cisco Umbrella Rank: 57	671 B
2	google.de adservice.google.de — Cisco Umbrella Rank: 8832	914 B
2	yandex.ru 1 redirects mc.yandex.ru — Cisco Umbrella Rank: 2926	69 KB
1	createjs.com code.createjs.com — Cisco Umbrella Rank: 1243	63 KB
1	exactag.com m.exactag.com — Cisco Umbrella Rank: 12956	1 KB
1	fozzy.com fozzy.com — Cisco Umbrella Rank: 632101
1	hostiq.ua hostiq.ua
1	etxt.ru www.etxt.ru
1	text.ru text.ru — Cisco Umbrella Rank: 910523
1	reg.ru www.reg.ru — Cisco Umbrella Rank: 321842
1	advego.com advego.com Failed
1	miralinks.ru www.miralinks.ru
1	rookee.ru www.rookee.ru
1	alfabank.ru alfabank.ru — Cisco Umbrella Rank: 99172
1	googleadservices.com partner.googleadservices.com — Cisco Umbrella Rank: 716	647 B
1	static20.online static20.online	6 KB
1	bigreal.org bigreal.org — Cisco Umbrella Rank: 717668	7 KB
1	intelcentre.ru 1 redirects intelcentre.ru	252 B
0	webhost1.ru Failed webhost1.ru Failed
120	44

	Domain	Requested by
25	oknaforlife.ru	3 redirects oknaforlife.ru
10	pagead2.googlesyndication.com	oknaforlife.ru pagead2.googlesyndication.com googleads.g.doubleclick.net tpc.googlesyndication.com www.googletagservices.com
9	tpc.googlesyndication.com	googleads.g.doubleclick.net oknaforlife.ru tpc.googlesyndication.com
7	mc.yandex.com	2 redirects oknaforlife.ru mc.yandex.ru
6	s0.2mdn.net	oknaforlife.ru s0.2mdn.net googleads.g.doubleclick.net
6	googleads.g.doubleclick.net	pagead2.googlesyndication.com oknaforlife.ru
5	dsum-sec.casalemedia.com	3 redirects googleads.g.doubleclick.net
5	ad.admitad.com	3 redirects oknaforlife.ru
5	fonts.gstatic.com	fonts.googleapis.com
5	iexqhm.com	oknaforlife.ru iexqhm.com
4	ib.adnxs.com	3 redirects googleads.g.doubleclick.net
4	cm.g.doubleclick.net	3 redirects googleads.g.doubleclick.net
4	fonts.googleapis.com	oknaforlife.ru googleads.g.doubleclick.net
3	beget.com	2 redirects oknaforlife.ru
3	allpositions.ru	2 redirects oknaforlife.ru
3	letyshops.com	2 redirects oknaforlife.ru
3	www.gstatic.com	googleads.g.doubleclick.net
2	googleads4.g.doubleclick.net	oknaforlife.ru
2	www.hts.ru	1 redirects oknaforlife.ru
2	www.hostland.ru	1 redirects oknaforlife.ru
2	best.aliexpress.ru	1 redirects oknaforlife.ru
2	timeweb.com	1 redirects oknaforlife.ru
2	kwork.ru	1 redirects oknaforlife.ru
2	www.gogetlinks.net	1 redirects oknaforlife.ru
2	webmaster.leads.su	1 redirects oknaforlife.ru
2	www.googletagservices.com	oknaforlife.ru googleads.g.doubleclick.net
2	adservice.google.com	pagead2.googlesyndication.com
2	adservice.google.de	pagead2.googlesyndication.com
2	mc.yandex.ru	1 redirects oknaforlife.ru
1	code.createjs.com	s0.2mdn.net
1	m.exactag.com	googleads.g.doubleclick.net
1	fozzy.com	oknaforlife.ru
1	adminvps.ru	oknaforlife.ru
1	my.adminvps.ru	1 redirects
1	hostiq.ua	oknaforlife.ru
1	login.aliexpress.ru	1 redirects
1	login.aliexpress.com	1 redirects
1	s.click.aliexpress.com	1 redirects
1	www.etxt.ru	oknaforlife.ru
1	text.ru	oknaforlife.ru
1	www.reg.ru	oknaforlife.ru
1	www.aviasales.ru	oknaforlife.ru
1	aviasales.ru	1 redirects
1	advego.com	oknaforlife.ru
1	www.miralinks.ru	oknaforlife.ru
1	www.rookee.ru	oknaforlife.ru
1	alfabank.ru	oknaforlife.ru
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	static20.online	oknaforlife.ru
1	bigreal.org	oknaforlife.ru
1	ajax.googleapis.com	oknaforlife.ru
1	intelcentre.ru	1 redirects
0	webhost1.ru Failed	oknaforlife.ru
120	53

This site contains links to these domains. Also see Links.

Domain
wp-kama.ru
iexqhm.com

Subject Issuer	Validity	Valid
oknaforlife.ru R3	`2022-03-02` - `2022-05-31`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
upload.video.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
bigreal.org R3	`2022-02-20` - `2022-05-21`	3 months	crt.sh
iexqhm.com R3	`2022-02-28` - `2022-05-29`	3 months	crt.sh
static20.online R3	`2022-03-09` - `2022-06-07`	3 months	crt.sh
mc.yandex.ru Yandex CA	`2021-12-22` - `2022-06-03`	5 months	crt.sh
*.gstatic.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.googleadservices.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.de GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.google.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.rookee.ru R3	`2022-02-04` - `2022-05-05`	3 months	crt.sh
miralinks.ru Sectigo RSA Domain Validation Secure Server CA	`2021-06-07` - `2022-07-08`	a year	crt.sh
www.reg.ru GlobalSign Extended Validation CA - SHA256 - G3	`2021-07-16` - `2022-08-15`	a year	crt.sh
advego.com Sectigo RSA Domain Validation Secure Server CA	`2021-10-17` - `2022-10-02`	a year	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2021-06-15` - `2022-06-14`	a year	crt.sh
*.etxt.ru E1	`2022-02-03` - `2022-05-04`	3 months	crt.sh
hostiq.ua Sectigo RSA Extended Validation Secure Server CA	`2021-11-01` - `2022-12-02`	a year	crt.sh
fozzy.com GeoTrust EV RSA CA 2018	`2021-06-22` - `2022-07-23`	a year	crt.sh
*.doubleclick.net GTS CA 1C3	`2022-02-28` - `2022-05-23`	3 months	crt.sh
*.exactag.com Sectigo RSA Organization Validation Secure Server CA	`2020-01-22` - `2022-04-21`	2 years	crt.sh
tls.adobe.com DigiCert SHA2 Secure Server CA	`2020-06-01` - `2022-06-06`	2 years	crt.sh

This page contains 11 frames:

Primary Page: https://oknaforlife.ru/
Frame ID: 812BF385B262D8437847BAF093CA1B9C
Requests: 82 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html
Frame ID: 277DD03D6FBE038B2ADEE98F887530D2
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076205560725900&output=html&adk=1812271804&adf=3025194257&lmt=1647667207&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foknaforlife.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647667207546&bpp=263&bdt=169&idt=347&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2322646096123&frm=20&pv=2&ga_vid=1519084285.1647667208&ga_sid=1647667208&ga_hid=923935625&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42530891%2C42531397%2C44750774%2C31065370&oid=2&pvsid=1480384292048340&pem=51&tmod=1933534315&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359
Frame ID: 98CB4423939492E010FB7CBC026F477D
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Frame ID: 8312EE3C1DAF93041C954594F219FCFC
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
Frame ID: 956FAAEBD6CC810071D9782D041FBE46
Requests: 1 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGM6S-cIBMAE&v=APEucNW6CoJbnVxbSTvxUtdjcH0wmj0Dfjyhnjv5wE4xu4QyiRxLJ0fAXCm6v1tzH_CR98oq-OA3gvEetPx8LhsO-uf7q487tmuttYet9CCOjZTOrW09aqEkL-kceQWVMecJ5pRKgAI5R1O0jbjI5xZoCTxg5siAvKJmtwp1pEo9T20HO0sY3iI
Frame ID: A2E6FBFDD1378385F795690D70F03D86
Requests: 5 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCUR0L7xNxjkE7OAAyND1yJTowBq1csoVMyVwVyiI9Tkgfwez34lHAbYgBbIDZnMNkjebuYOzf62ZkIeqwQSwhl10jHmoVWz5ySqhXNXZvFiNjbng2Q0jBhucb2igmqbU0xfHT2XmH4DQYRny94qPcgyMrOA&dbm_d=AKAmf-DOM739om7nTL5vVOQ2B2w0F1f2sB0wMqGNlLtPnD-K9sk8nHwkosZdLVvk-RjLUgmLFZo41V8Nu4fnIaBSOBn605DbglR7Y3pHQUz-M0T96YEX9uk-bXvna5jDIMOHXDt5SuPfbxOZNiIj7YhI_lHlI6UWyl8-pPo1ZteAYVFLVVnHmPQvPQkG0CgwF7RH4FKI4_qFMheE0IR5wxMyaHNBaxD__y2yLTUy6pfjMvPe0Y9tHyqJ89HaosJWVT0mLPHSP_0jV0q60rNWozr5POP-GmQ5NS5WGILaxXhlLjkB5LN3PBTfUOw25cOUWaiDzcuUzMW88nyMRwikkvFrxZ8GO-_B3nYV8NzLUJu-OyLjvOub00v3f1oubE_Aq0AaSZAM98qJJou-qBdAMFPIxCgDpHBf4WFnybNKFd57Ag7UEtueAobkS5SgIKCSDdKdcK50uLRiKl_oNINguYH6XJgShQ0_0Bm9uJ1aUIAfZKb4oB2WdNo2lhWC1RN4FnWbnJjUE8Vl--LIVhHWvCtPZIN5mUnomoxBIFmmiCz0qGzaamyIymSr_-a8anmnUxb3P4vmiz8GQUdBy2PcH99RqKT7Rrj3KqTJS1igXK2DghTnI42Wvs0xqVQwenvFnyB59ZKXcQtfUyzD4PcVSESDXf888_ywD7NaLonj4cXnsQsiw1xOHluLilTMnn6qHxcG2cMcSX9ANgLPwoorvzEP0HBYXmJrkf4pQ7TBNfiO6z42pF0NP2koC2UkWPQ7jLlDMVPjnD9Y9pSYVtbdduWcUm9AxoCZUAMyAxt0gUBaw7JtbpDq4mHBgbREBMOlWSnRwkuBq4Y-XHR5FcWxRio_6t9_h0LFvSj5Sxv5yEYOSTvvh4WhmSR8qoBCgVJi1ugY0N6JCiNtA4Otjm5MCN0qTAdVGH2scFxwP5Q5dm8YhU71YxeS8htr96H8HyQJojMS9mVnZXWyYrOCnxESplSX-5Ji2UbmvxB9ld9TLbuv_-UznpYPmefE_-0Y61JuwbqODWzalXQ2iPXIAgHblKggWAqxo6eSnpmBIQh6olTYMik5sQ_RY73UQNKEzNvC6m0BXh5F0k_mJl73CU_KE97yulMQcRX7WzG0TnQb8QARget4FSM1uyCSXsJ-jRW4Qfe1edQugRiTSCkQKPoZTPu-cEzdwBJco14PbvrqHk-lU4k9kYb2evZ5LAhU2t6o7ZiFGWZVUmGhG64CXDphbiezB9MjPlPFN6pmNzpIoY3AFQWsjdZngebfrHjCIB7-IOslhZXnBuUtcgf30QvREzQ1lcvG423AP84-rh6a1TWsWowXBkGmcBeVqgYz7KErPT9T1L_ZwqI7Zs6uBlGewrosXuW009fpxA9n5jJlQnhXWeCEuFhtE6M91U40fSVsobG49dKcFfR30L-3alX7qMjXhLQ7NF5xJ1YC2cGowal_8upu9JFEc-5glZ_0HXVwpgnXgkD7bB_VQT9Kd3RAsdNZ0JLu3BC6vzw4-M7P-r6SeBRVPUJfqqyrwrH7umibG5XOfMojtfNTCCQ3WRZw2k9H9rURHCWYD3vLZBQLjdCRTUFpOQkUfghV8K6Q8yg_P13c_XYhdSBMLNVjzupMADySKwrYoaWkX1ltY31O42C7peDq-H0fd5OlOKwqMUQS-85nAUWeKw5MhQc0yQtfGvRafquTymfKqZMEiKWYMCmPhzNtLlPcgo-s5yBpZ-laRpJA-DjTTLdp_NgTgBzB9IM0MKwP2K6i9Jfgo4CngCJgPvSRWVK2SCfo-fZYMb3CKXcWDnYRUIsfqzLiyMrDqn8vxgq-qqMVYyXg8tFRwWmqA-oP6smNbdRj-69O08xwAnfBV-845vdLloD4hFUWuYaD-6wXSYsVf-Rx2dQ2wwSmkwWWQAOZkBfkHDjhpKn9Yzr41zdu-4v6QBBTopppq5a5LtjRYELUhkb0IX4NIyetQ3JrqlHs-XGrMGDyGexQjTwZKtqaxcKskc3tzzy5EQSUSyIF6ZinrQbQYSURjUMkWmfLFtVTM33dlZcbbj6aGdMORxJFQS4QMeg3yDre0dLRdZgbFtxf1MQPGohRhCRnneyFrML61htEyIkqJOmpS6sC9qdW1zCq92D7wVwnER6B-X15w17rQRhRHBcKI7Rq5__IIwF6_X5KWTnpzUEzTVVGF3s2jgb0XcjIvqNQ3zXPyyI7hePGmH-NhKxYfI3ii5ars1k4yWdxTNCDiQAtj29-m7dwrXr8iCHm4zcSiQCuxbnhq6K3KOmvJgSAG4h-b9GKur-28uDngmZk8lukNwtid-Y83QZKYZ_GeOG0dLa8kuAzS734kYk0qDNPU21BWeclogGvXmUNMH__e_Iw6juPG9eI2-ZZ5yptmm65EyN-hx-Yy0kE-KqJD8FLl7RE1KilIKwX_09LKeW8eKC4LbNxZ2EAZSbwHsWQo28HMMejVyIL7bVqapScPofM42ETV5T6WydVfHwTjbG3FH1ocO7I62J8aEaxZBDgsRI9j9wEFKLHDSXR5ug7bLOG69ax4BPedfSGOH7mlp9Vuy_hKlbBmDzoDF8xS2FrhwwpssfE6lYK7PGU3f3dwATpIg0SpTaLxTGo-WQNcRbrLMrAku0kW4X_j8pn7rrABJ1p1LsB2Xm2jC047LbBtPx1pUWskgNfsnfCl8uRzKYJgU2_9b6eNB8D-Fo2GN114GXP8vCDtb79dSMyTXrNdhEV3x7XgzitFIK6tiF6j-JO5adeau_8b7QfxNqqPRxTCwRE92jAXTb4ornabLuS_XLWyMxWpy1DAviHkiAkqZ5PoQ4PzckdaR1OELh_gDwBB8vAKPWGgWKhNkLQ_x9Vs-cE0npqNoZr44nl3UBARgDe3CPHaXaagMoulVB0-Gkbcw01k2Ql8qbgJRu9PYqcZV9XJIP_ua6wthGdPszsktv7wlbfNbqect9VgPKBc9uc--olXGabCgEBx3v-FMeH9LIsDX7pFKxvjq0_VXiPIENncbxg_91PLeELNH-SN822gTxuHMgdhZ_A0WxcpNco6J1_zzc2CfaErI7Ifp-N4TN4FVxJozpG12uPtaTVkjiPNG1JUs3CZ84Xm5zD7ToGAVo1hJgJgC69tnvEc-9-5RvNoIZ3se8CarxfzxMj5n3UmxRMn6SWl1o-b_m2Ua-F7Su20pQ3ysd8zigJyOjQO2b3iIf5xtwHfpP8d71-IF5S6sXKBRciGWNwd9JgVWSWvBQYjEleZqm-MN6TTB-HVq0LvU2wnaE3Nccm2bnJaSU7wocTOEirq9gpFfeF9A&cid=CAASBORovQM&rfl=2%2Chttps%253A%252F%252Foknaforlife.ru%252F%240
Frame ID: 1C64169D8A35DAFD586A6BFB8E1710A1
Requests: 14 HTTP requests in this frame

Frame: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500
Frame ID: CAA3345C668AEAB3A90B61869DABCD29
Requests: 7 HTTP requests in this frame

Frame: https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js
Frame ID: 89894DD7ED276E3584B92A159892B4F3
Requests: 1 HTTP requests in this frame

Frame: https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.html
Frame ID: 7B71FDA1F169880C0A8BBB3BBDC0C831
Requests: 6 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/Enqz_20U.html
Frame ID: 2F7BCB9BF875E80CF2D05038765DB8E2
Requests: 3 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Page Title

OknaForLife.ru - Строительный портал

Page URL History Show full URLs

http://intelcentre.ru/ HTTP 301
https://oknaforlife.ru/ Page URL

Detected technologies

WordPress (CMS) Expand

Overall confidence: 100%
Detected patterns

<link rel=["']stylesheet["'] [^>]+/wp-(?:content|includes)/
/wp-(?:content|includes)/

AppNexus (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

adnxs\.(?:net|com)

DoubleClick Campaign Manager (DCM) (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

2mdn\.net

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

googlesyndication\.com/
2mdn\.net

Google Font API (Font Scripts) Expand

Overall confidence: 100%
Detected patterns

<link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

mc\.yandex\.ru/metrika/(?:tag|watch)\.js

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

/([\d.]+)/jquery(?:\.min)?\.js
jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

120
Requests

78 %
HTTPS

38 %
IPv6

44
Domains

53
Subdomains

46
IPs

7
Countries

1367 kB
Transfer

3450 kB
Size

40
Cookies

4 Outgoing links

These are links going to different origins than the main page.

URL: http://wp-kama.ru/?p=67
Title: © Kama

Search URL Search Domain Scan URL

URL: https://iexqhm.com/v4/click?media=424244&c=mAY-5iKo0pztecChW5KR7zhPbqFpobokERLyuqKYCi1iyuxx9F9qys3YHocdrGFTax8dreYapDrL6YfBq9UYK9nuZVQem7VSIs61Te78CY5uIdogfYpt3xdMCPxBHwKLQqm4m3WJSBMfFyJg1zQj0y24oNeR7XX5IJYEwwjjBL0sNm7_6stdy5FhfM-sO9rnaqjC2f3Ba60TehcU4pS9KckYJPe6Pegwvduttvf2kvds5Z3PnlBakLJlmnsW37EWjlS5tD7zRiIQQt9wpNL1mIFLY3mpfFltc97y0qeJ4XEch3tZQJk4Mf720g9pen7Ti4bJSP43CVjgMOGCWd3GTZ_0S-QrA7FI--1WGP2AlPtUl5Fybq_XzdcSrPSuQqnbcI4DmivN8l0-naWQC8RTqeWb7kGMSrfvhSkqKZFBc99-kMpzw6ewwOTMH8-ClnrzoUq0zzZrDtjK-p_t3gjAxtmNsDNsVvyYLlAQmpkp3EOH_9s8mCqBb5AaZSkZ4Q7gSdcKlyNPnICyqdNWkN0BfzES57o0ykX8GbZdGeUMwmtHhWdlWj3BQ_dkQV0T
Title: Паразиты роем вылетают из организма и папилломы сходят к утру, без таблеток Подробнее

Search URL Search Domain Scan URL

URL: https://iexqhm.com/v4/click?media=429404&c=mAY-HBDid6J59zqExpTg2CWicbz_DYtcJVLlq5bedcp9e8WLTVQss7YA-b74RGOZdrq1BiRTgFJmaQN4zPVAKtvp7fagOS54hAOyku5nKZcsWjSSBhbGHdml-WxwAUaEe04AA-gx-qjuQBImn16u2PaK12elSIx_d_AUFGhQr0MOzLyNd_9u7jK5aEx1AUE9qpqvOsP3VAJuovdl87njBYEFODpQTtqRBBR94AuQsJQdLpfDHM_pYJhFgobPE3gH1MemGfpDerRZytrmVB4J6wecdXpXWNlcOf6JRgqcfsRot4UiHW5fggTrf4nsq1wfO4E7x3hkYYJ7oO2-KtJ8jQMzm7FRNQd09egHBwLCUMIBZaCoXAY3Het-3R7XSTio_rmaFcJ0-EXC45rODrcvWuKfhderVRVYhsQYfzSCegLS4L9fPAeKwBPlPdwfzYtksyT6xPv20K1vAOCXhyYeTvHkE_YjR3g_lGJi0pO0mfnDlADzDFleeLZvorJmr9xrT3TRyvqLtxIMqWguuV9l8oClV4C0
Title: Это случится 19 марта: нас предупредили Подробнее

Search URL Search Domain Scan URL

URL: https://iexqhm.com/v4/click?media=386257&c=mAZQ4xAn_BShxF0DMrc1svjv_5-vJd37k_GJIyWqSluGFohsBEY9gI9VSGT60qxkeqDdCCL0MY4cd-OM1ptGkTWJTp3Y1E5fZoZh68QZYWQxgSsvUwmfaRE7qMd_7lsvPhOaegEeT5T1DwdOt-T8GAKSzZ6OthE9iRp5ITTVkDukiA7V_co9tHKbvVkHgF9DXPLm99dfW0nMg1QWuKSVrP9d0MQDrpX1VBB1CzHhohy9xyOdW7lP26URgQ_IZdFEZl_wz2coJudIAgmWYU7wXXDXrM_MR1kgmxnuaRHoOiRR6_3hDkoUmF49hXDj7NTj9S9Shfa0DYLHW1KRWQW_v7Lfh-ksoqE86W9TmkdF_5MnGJamc2hEqspSwjaJl643qQzC0hZxfCar-_8aHLPxgaSx1090jN9nrWBj3eVu5cpzZRe9nOrMw8ym84sWS56Xz_gqQu9y7Ui9n6oLXc3CwM4B5XekOZrF2Z_lb8t_196jcJktEsSnJ7gqoIRshaZR6T6tCd0dqtHoeSvyTZo-wHX3XqsPW-a9rEcn
Title: Сравнили смертность среди привитых и не привитых людей: цифры удивят Подробнее

Search URL Search Domain Scan URL

Page URL History

This captures the URL locations of the websites, including HTTP redirects and client-side redirects via JavaScript or Meta fields.

http://intelcentre.ru/ HTTP 301
https://oknaforlife.ru/ Page URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 11

https://oknaforlife.ru/wp-content/themes/marafon/js/loadmore.js HTTP 301
https://oknaforlife.ru/

Request Chain 12

https://oknaforlife.ru/wp-includes/js/copyright.min.js HTTP 301
https://oknaforlife.ru/

Request Chain 32

https://oknaforlife.ru/sFaQ0wZ4C.js HTTP 301
https://oknaforlife.ru/

Request Chain 45

https://mc.yandex.com/sync_cookie_image_check HTTP 302
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9582.zKCdzbdjRn-EsLkyQDZ6X1DhGhiXpPql3bKuyxGOVvungy5woKwyU8T6lV-m9OTB.7m6KhVmIMuRsdlu8UJk1G09hl0M%2C HTTP 302
https://mc.yandex.com/sync_cookie_image_decide?token=9582.X4geT3qDtdBleriH2_iO9CTMJHR8VAhCOxeNxT3TpedEKhV1l_ZgNsyzr1v3bMzO8jUvNuETjPguo1nrm3ZjIA%2C%2C.FR0OQZT-2u11epTfh7hJWcAMdbA%2C

Request Chain 49

https://mc.yandex.com/watch/56921500?wmode=7&page-url=https%3A%2F%2Foknaforlife.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1250288449475%3Ahid%3A956707004%3Az%3A0%3Ai%3A20220319052008%3Aet%3A1647667208%3Ac%3A1%3Arn%3A123114014%3Arqn%3A1%3Au%3A1647667208218611687%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647667206143%3Ads%3A422%2C117%2C113%2C58%2C577%2C0%2C%2C420%2C1%2C%2C%2C%2C1732%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647667208%3At%3AOknaForLife.ru%20-%20%D0%A1%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr(14)aw(1)ti(2) HTTP 302
https://mc.yandex.com/watch/56921500/1?wmode=7&page-url=https%3A%2F%2Foknaforlife.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1250288449475%3Ahid%3A956707004%3Az%3A0%3Ai%3A20220319052008%3Aet%3A1647667208%3Ac%3A1%3Arn%3A123114014%3Arqn%3A1%3Au%3A1647667208218611687%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647667206143%3Ads%3A422%2C117%2C113%2C58%2C577%2C0%2C%2C420%2C1%2C%2C%2C%2C1732%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647667208%3At%3AOknaForLife.ru%20-%20%D0%A1%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29aw%281%29ti%282%29

Request Chain 69

https://ad.admitad.com/g/i352cbwpfvd7bbbf08bf1cb5598fff/ HTTP 302
https://alfabank.ru/get-money/credit-cards/land/100-days-cpa/?platformId=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_bcddc4b3a0371778876d4cc3db530e7d&afclick=bcddc4b3a0371778876d4cc3db530e7d&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_bcddc4b3a0371778876d4cc3db530e7d&card=master_card_mass&utm_term=bcddc4b3a0371778876d4cc3db530e7d&sub2=10&sub3=1cb5598fff

Request Chain 70

https://webmaster.leads.su/register?ref_id=142994 HTTP 302
https://webmaster.leads.su/register

Request Chain 71

https://www.gogetlinks.net/?inv=j0ptqg HTTP 302
https://www.gogetlinks.net/

Request Chain 74

https://advego.com/34gETAH5AN HTTP 301
https://advego.com/34gETAH5AN/ HTTP 301
https://advego.com/

Request Chain 75

https://kwork.ru/ref/116548 HTTP 302
https://kwork.ru/

Request Chain 76

https://letyshops.com/ua/soc/sh-1?r=12096197 HTTP 302
https://letyshops.com/de/soc/sh-1?r=12096197 HTTP 302
https://letyshops.com/de/winwin?ww=12096197

Request Chain 77

https://aviasales.ru/?marker=229555 HTTP 301
https://www.aviasales.ru/?marker=229555

Request Chain 78

https://allpositions.ru/redirect/289201 HTTP 301
https://allpositions.ru/redirect/index/289201/1 HTTP 301
https://allpositions.ru/

Request Chain 79

https://beget.com/p534763 HTTP 301
https://beget.com/ HTTP 301
https://beget.com/ru

Request Chain 81

https://timeweb.com/ru/?i=50887 HTTP 301
https://timeweb.com/ru/

Request Chain 86

https://ad.admitad.com/g/6dadf43a4dd7bbbf08bff76aa61bb5/ HTTP 302
https://ad.admitad.com/dummy/?w=523986&c=3081&r=3&d=3&g=DE&x=2684225679f1187906a6fc0227d0a716&y=2684225679f1187906a6fc0227d0a716

Request Chain 87

https://ad.admitad.com/g/207bcbdf4cd7bbbf08bf159ac4a8d3/ HTTP 302
https://ad.admitad.com/dummy/?w=523986&c=2402&r=3&d=3&g=DE&x=6cc6249a71a0ef3887d2cd175d38e269&y=6cc6249a71a0ef3887d2cd175d38e269

Request Chain 88

https://s.click.aliexpress.com/e/_dSydzZH?dp=oknaforlife.ru HTTP 302
https://best.aliexpress.ru/?dp=oknaforlife.ru&aff_fcid=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&terminal_id=efb7f7b7d1ea4e0f80ee6a0d3a322c65 HTTP 302
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Fdp%3Doknaforlife.ru%26aff_fcid%3Db07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH%26aff_fsk%3D_dSydzZH%26aff_platform%3Dportals-tool%26sk%3D_dSydzZH%26aff_trace_key%3Db07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH%26terminal_id%3Defb7f7b7d1ea4e0f80ee6a0d3a322c65 HTTP 302
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=efb7f7b7d1ea4e0f80ee6a0d3a322c65&xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Fdp%3Doknaforlife.ru%26aff_fcid%3Db07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH%26aff_fsk%3D_dSydzZH%26aff_platform%3Dportals-tool%26sk%3D_dSydzZH%26aff_trace_key%3Db07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH%26terminal_id%3Defb7f7b7d1ea4e0f80ee6a0d3a322c65 HTTP 302
https://best.aliexpress.ru/?dp=oknaforlife.ru&aff_fcid=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&terminal_id=efb7f7b7d1ea4e0f80ee6a0d3a322c65

Request Chain 90

https://my.adminvps.ru/aff.php?aff=700 HTTP 301
https://adminvps.ru/

Request Chain 91

https://www.hostland.ru/?r=3a81d50b HTTP 302
https://www.hostland.ru/

Request Chain 93

https://www.hts.ru/?affid=68551 HTTP 302
https://www.hts.ru/

Request Chain 101

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJzLQqm8vaIJQbT4ihiqWtE&google_cver=1 HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJzLQqm8vaIJQbT4ihiqWtE&google_cver=1&C=1

Request Chain 102

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D HTTP 302
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1 HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjVoCE6e0tlXb13hVqJ4pAAA HTTP 302
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdI31dfixrmvL_COAo9Oow&google_cver=1

Request Chain 103

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm HTTP 302
https://ib.adnxs.com/setuid?entity=101&code=CAESEMzCkId91DqqWeM3gcXTPaA&google_cver=1 HTTP 307
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMzCkId91DqqWeM3gcXTPaA%26google_cver%3D1

Request Chain 104

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC} HTTP 307
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D HTTP 302
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwMDUwNTU5ODA3MjEwOTAwNA%3D%3D

120 HTTP transactions
7 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H2

200

Primary Request / Show response
oknaforlife.ru/
Redirect Chain

http://intelcentre.ru/
https://oknaforlife.ru/

162 KB
50 KB

653ms
113ms

Document
text/html

87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash: 8a9abd30808e6387e54e53cb874e3feac92d1e0d474746405acd7db18a519f65

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9

Response headers

server: nginx-reuseport/1.21.1
date: Sat, 19 Mar 2022 05:20:07 GMT
content-type: text/html; charset=UTF-8
content-length: 50838
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,Cookie
cache-control: max-age=3, must-revalidate
content-encoding: gzip

Redirect headers

Server: nginx-reuseport/1.21.1
Date: Sat, 19 Mar 2022 05:20:06 GMT
Content-Type: text/html; charset=iso-8859-1
Content-Length: 309
Connection: keep-alive
Keep-Alive: timeout=30
Location: https://oknaforlife.ru/

GET
H2 200 adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 156 KB
54 KB 102ms
54ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5faf35ef984a9608bfb1b898f477b401899df014c17bae6f6a44ca540bad3a0d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54769
x-xss-protection: 0
server: cafe
etag: 15717518788144023325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600
timing-allow-origin: *
expires: Sat, 19 Mar 2022 05:20:07 GMT

GET
H2 200 css
fonts.googleapis.com/ 10 KB
1 KB 77ms
28ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

eafe160c631fe12e8295a70b1f984d23fe9a988f47c3768683927c69554e6b0e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 04:46:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Mar 2022 05:20:07 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Mar 2022 05:20:07 GMT

GET
H2 200 style.min.css
oknaforlife.ru/wp-includes/css/dist/block-library/ 40 KB
6 KB 60ms
58ms Stylesheet
text/css 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-includes/css/dist/block-library/style.min.css
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Thu, 11 Jun 2020 01:06:39 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ee1839f-a055"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 wmac_single_e029929a3396d833554ec4e31a7afb2f.css
oknaforlife.ru/wp-content/cache/wmac/css/ 1 KB
839 B 60ms
58ms Stylesheet
text/css 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-content/cache/wmac/css/wmac_single_e029929a3396d833554ec4e31a7afb2f.css
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a85e78997dc0eb8063a75aa245c223a8fbe65936d9aa0d908ba51b7d50f7ab21

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:53:34 GMT
server: nginx-reuseport/1.21.1
etag: W/"6226004e-5a4"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 wmac_single_d9eab37de808e978ddb3261575d6a010.css
oknaforlife.ru/wp-content/cache/wmac/css/ 3 KB
982 B 60ms
58ms Stylesheet
text/css 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-content/cache/wmac/css/wmac_single_d9eab37de808e978ddb3261575d6a010.css
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 020df39c81cfb633912beba136394d0a5ca8f936d149468784dd28e79bebf509

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:53:34 GMT
server: nginx-reuseport/1.21.1
etag: W/"6226004e-a0f"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 wmac_single_c9dc6f1ef374d733a82d1682278e5b55.css
oknaforlife.ru/wp-content/cache/wmac/css/ 286 B
369 B 60ms
59ms Stylesheet
text/css 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-content/cache/wmac/css/wmac_single_c9dc6f1ef374d733a82d1682278e5b55.css
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3d138b2397bc5493f655d6851c415468642419de9f335de648093c8d8a1d407c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:53:34 GMT
server: nginx-reuseport/1.21.1
etag: W/"6226004e-11e"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 wmac_single_81a9a25223c2f27967a0b3e92e27aa48.css
oknaforlife.ru/wp-content/cache/wmac/css/ 56 KB
16 KB 61ms
59ms Stylesheet
text/css 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-content/cache/wmac/css/wmac_single_81a9a25223c2f27967a0b3e92e27aa48.css
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: a808bb05c364a7238c41674e310abcfc6632f844eed30cb285ead21877c8263c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:53:34 GMT
server: nginx-reuseport/1.21.1
etag: W/"6226004e-e0de"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 wmac_single_f38b2db10e01b1572732a3191d538707.css
oknaforlife.ru/wp-content/cache/wmac/css/ 1 KB
683 B 61ms
59ms Stylesheet
text/css 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-content/cache/wmac/css/wmac_single_f38b2db10e01b1572732a3191d538707.css
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:54:30 GMT
server: nginx-reuseport/1.21.1
etag: W/"62260086-532"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 jquery.fancybox.min.css
oknaforlife.ru/wp-content/plugins/easy-fancybox/css/ 4 KB
1 KB 61ms
59ms Stylesheet
text/css 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-content/plugins/easy-fancybox/css/jquery.fancybox.min.css
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 12:44:27 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e132bab-fda"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 ytprefs.min.css
oknaforlife.ru/wp-content/plugins/youtube-embed-plus/styles/ 6 KB
2 KB 61ms
60ms Stylesheet
text/css 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-content/plugins/youtube-embed-plus/styles/ytprefs.min.css
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: cc29d9f69561a08175e5ce7d2b503dbb202b5a3b6a77e80ceb3830cd9640c1e0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Mon, 06 Jan 2020 12:44:27 GMT
server: nginx-reuseport/1.21.1
etag: W/"5e132bab-17f9"
vary: Accept-Encoding
content-type: text/css
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 jquery.min.js Show response
ajax.googleapis.com/ajax/libs/jquery/1/ 94 KB
94 KB 66ms
19ms Script
text/javascript 2a00:1450:4001:810::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ajax.googleapis.com/ajax/libs/jquery/1/jquery.min.js

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:810::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 11:11:04 GMT
x-content-type-options: nosniff
age: 151743
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 95786
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 19:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="hosted-libraries-pushers"
vary: Accept-Encoding
report-to: {"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
content-type: text/javascript; charset=UTF-8
access-control-allow-origin: *
cache-control: public, max-age=31536000, stale-while-revalidate=2592000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 11:11:04 GMT

GET
H2

200

/ Show response
oknaforlife.ru/
Redirect Chain

https://oknaforlife.ru/wp-content/themes/marafon/js/loadmore.js
https://oknaforlife.ru/

162 KB
50 KB

60ms
60ms

Script
text/html

87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash: 8a9abd30808e6387e54e53cb874e3feac92d1e0d474746405acd7db18a519f65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
server: nginx-reuseport/1.21.1
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
cache-control: max-age=3, must-revalidate
content-length: 50838

Redirect headers

date: Sat, 19 Mar 2022 05:20:07 GMT
server: nginx-reuseport/1.21.1
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
location: https://oknaforlife.ru
cache-control: no-cache, must-revalidate, max-age=0
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2

200

/ Show response
oknaforlife.ru/
Redirect Chain

https://oknaforlife.ru/wp-includes/js/copyright.min.js
https://oknaforlife.ru/

162 KB
50 KB

61ms
61ms

Script
text/html

87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash: 8a9abd30808e6387e54e53cb874e3feac92d1e0d474746405acd7db18a519f65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
server: nginx-reuseport/1.21.1
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
cache-control: max-age=3, must-revalidate
content-length: 50838

Redirect headers

date: Sat, 19 Mar 2022 05:20:07 GMT
server: nginx-reuseport/1.21.1
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
location: https://oknaforlife.ru
cache-control: no-cache, must-revalidate, max-age=0
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 FaQ0wZ4C.js Show response
bigreal.org/pushJs/ 25 KB
7 KB 78ms
22ms Script
application/javascript 159.69.75.12
HETZNER-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://bigreal.org/pushJs/FaQ0wZ4C.js
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 159.69.75.12 , Germany, ASN24940 (HETZNER-AS, DE),
Reverse DNS: static.12.75.69.159.clients.your-server.de
Software: cloudflare-nginx /
Resource Hash: 02fa69ebbe36e119dc76cb03d0cead1d658ebda20d1f1a76752f1056da74f72c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: br
last-modified: Fri, 05 Nov 2021 14:12:14 GMT
server: cloudflare-nginx
etag: W/"61853bbe-65cc"
content-type: application/javascript
cache-control: max-age=600, public, must_revalidate
expires: Sat, 19 Mar 2022 05:30:07 GMT

GET
H2 200 uqv768kpy041ji7.php Show response
iexqhm.com/9chl17192vli/p0my30/qh8/867/ 58 KB
19 KB 199ms
56ms Script
application/javascript 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iexqhm.com/9chl17192vli/p0my30/qh8/867/uqv768kpy041ji7.php
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Thu, 10 Mar 2022 10:10:17 GMT
server: nginx/1.14.2
etag: "6229ce89-4b07"
content-type: application/javascript; charset=utf-8
cache-control: no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0
content-length: 19207

GET
H2 200 statistics.js Show response
static20.online/ 13 KB
6 KB 218ms
58ms Script
application/x-javascript 45.130.41.21
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://static20.online/statistics.js
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 45.130.41.21 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.quasar.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7cb47f56d6d8f8829f831bf4f1132b2e0d848b0289dc69179c0407b931f89b28

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Sat, 16 May 2020 18:04:32 GMT
server: nginx-reuseport/1.21.1
etag: W/"5ec02b30-3517"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 tag.js Show response
mc.yandex.ru/metrika/ 199 KB
68 KB 176ms
84ms Script
application/javascript 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/tag.js

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: br
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-10fdc"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 69596
expires: Sat, 19 Mar 2022 06:20:07 GMT

GET
H2 200 wmac_64b6de98b109736d012d5300cd712b45.js Show response
oknaforlife.ru/wp-content/cache/wmac/js/ 106 KB
29 KB 63ms
62ms Script
application/x-javascript 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/wp-content/cache/wmac/js/wmac_64b6de98b109736d012d5300cd712b45.js
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 3f886200e3899fa1735262a8febab9d7700724b45ad857992bca7875b83de675

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
last-modified: Mon, 07 Mar 2022 12:54:30 GMT
server: nginx-reuseport/1.21.1
etag: W/"62260086-1a694"
vary: Accept-Encoding
content-type: application/x-javascript
cache-control: max-age=604800
expires: Sat, 26 Mar 2022 05:20:07 GMT

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 294 KB
106 KB 50ms
50ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4076205560725900&plah=oknaforlife.ru

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

130a43cca1bff95cb9ddbf237d8a1eacb1bffc24e946906b3724b96c80b3e3c9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 108579
x-xss-protection: 0
server: cafe
etag: 1705847376575907447
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Sat, 19 Mar 2022 05:20:07 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/ Frame 277D 10 KB
5 KB 77ms
24ms Document
text/html 2a00:1450:400e:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:400e:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 18 Mar 2022 21:22:32 GMT
expires: Fri, 01 Apr 2022 21:22:32 GMT
cache-control: public, max-age=1209600
age: 28655
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 KFOmCnqEu92Fr1Mu4mxK.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 65ms
17ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu4mxK.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oknaforlife.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:48:03 GMT
x-content-type-options: nosniff
age: 70324
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:19 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:48:03 GMT

GET
DATA 200
OK truncated
/ 459 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 90b39bf449018b6b090e1f0568253da93a29441b9170926c5c82868a5f072faf

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 322 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 616e113ac0e195d35243fd45637644b809d0247347d8483ab4e65d73f80c02d5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 027fcac8e0143549f857677eb19cc7d9359cb996b8b68064d378cb4b9f98a250

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 KFOmCnqEu92Fr1Mu5mxKOzY.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
10 KB 80ms
36ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOmCnqEu92Fr1Mu5mxKOzY.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oknaforlife.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 07:29:47 GMT
x-content-type-options: nosniff
age: 78620
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9688
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:21 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 07:29:47 GMT

GET
DATA 200
OK truncated
/ 68 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: f72fee40ff0cb60502cf88fccb827d5b2a74e80844282c5fd333191a797bd9be

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
DATA 200
OK truncated
/ 64 B
0 Image
image/svg+xml

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/svg+xml

GET
H2 200 rating_over.gif
oknaforlife.ru/wp-content/plugins/wp-postratings/images/stars/ 523 B
708 B 57ms
57ms Image
image/gif 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/plugins/wp-postratings/images/stars/rating_over.gif
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Mon, 06 Jan 2020 12:44:27 GMT
server: nginx-reuseport/1.21.1
etag: "5e132bab-20b"
content-type: image/gif
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 523
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2
fonts.gstatic.com/s/roboto/v29/ 9 KB
9 KB 63ms
41ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfABc4EsA.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oknaforlife.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 18:07:18 GMT
x-content-type-options: nosniff
age: 213169
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9544
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:33 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 18:07:18 GMT

GET
H2 200 KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2
fonts.gstatic.com/s/roboto/v29/ 10 KB
10 KB 66ms
44ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOkCnqEu92Fr1Mu51xMIzIFKw.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d2a4d131bd14a3fa0e89f5dc3fb1c387b0b64e00d93d7709f20972f36dbb2c07

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oknaforlife.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 09:42:06 GMT
x-content-type-options: nosniff
age: 70681
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10300
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:20 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Sat, 18 Mar 2023 09:42:06 GMT

GET
H2 200 KFOlCnqEu92Fr1MmWUlfBBc4.woff2
fonts.gstatic.com/s/roboto/v29/ 15 KB
16 KB 42ms
23ms Font
font/woff2 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/roboto/v29/KFOlCnqEu92Fr1MmWUlfBBc4.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Roboto:400,400i,500,700,700i&subset=cyrillic

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://fonts.googleapis.com/
Origin: https://oknaforlife.ru
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Wed, 16 Mar 2022 17:56:19 GMT
x-content-type-options: nosniff
age: 213828
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/apps-themes
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15828
x-xss-protection: 0
last-modified: Wed, 22 Sep 2021 16:13:28 GMT
server: sffe
report-to: {"group":"apps-themes","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/apps-themes"}]}
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="apps-themes"
expires: Thu, 16 Mar 2023 17:56:19 GMT

GET
H2

200

/ Show response
oknaforlife.ru/
Redirect Chain

https://oknaforlife.ru/sFaQ0wZ4C.js
https://oknaforlife.ru/

162 KB
50 KB

61ms
61ms

XHR
text/html

87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://oknaforlife.ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 / PHP/5.6.40
Resource Hash: 8a9abd30808e6387e54e53cb874e3feac92d1e0d474746405acd7db18a519f65

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: gzip
server: nginx-reuseport/1.21.1
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
cache-control: max-age=3, must-revalidate
content-length: 50838

Redirect headers

date: Sat, 19 Mar 2022 05:20:08 GMT
server: nginx-reuseport/1.21.1
x-powered-by: PHP/5.6.40
vary: Accept-Encoding,Cookie
content-type: text/html; charset=UTF-8
location: https://oknaforlife.ru
cache-control: no-cache, must-revalidate, max-age=0
content-length: 0
expires: Wed, 11 Jan 1984 05:00:00 GMT

GET
H2 200 joxi_screenshot_1582041255116.png
oknaforlife.ru/wp-content/uploads/2020/02/ 12 KB
13 KB 59ms
57ms Image
image/png 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/uploads/2020/02/joxi_screenshot_1582041255116.png
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: d15c82df5c2fe55ff8c2184e00eb57948111e5e6dd6bd9c3bb765986b9b4b2a9

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Tue, 18 Feb 2020 15:54:58 GMT
server: nginx-reuseport/1.21.1
etag: "5e4c08d2-3142"
content-type: image/png
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 12610
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 a6066c5502315a8_320x200.jpg
oknaforlife.ru/wp-content/cache/thumb/a8/ 7 KB
7 KB 59ms
57ms Image
image/jpeg 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/cache/thumb/a8/a6066c5502315a8_320x200.jpg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 7793aca0f8c146134a0096ea8c91a340a2c997bfd593613f09d955065e0faf96

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Mon, 07 Mar 2022 12:54:18 GMT
server: nginx-reuseport/1.21.1
etag: "6226007a-1b3b"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 6971
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 13c5ed8132dea75_320x200.jpg
oknaforlife.ru/wp-content/cache/thumb/75/ 16 KB
16 KB 59ms
58ms Image
image/jpeg 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/cache/thumb/75/13c5ed8132dea75_320x200.jpg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: f70d2f899dcdb336642ade442596b9786c4fe4a98e0a7489dbce7a648d6a67aa

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Mon, 07 Mar 2022 12:54:18 GMT
server: nginx-reuseport/1.21.1
etag: "6226007a-40a0"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 16544
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 20d018b41346519_320x200.jpg
oknaforlife.ru/wp-content/cache/thumb/19/ 14 KB
14 KB 59ms
58ms Image
image/jpeg 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/cache/thumb/19/20d018b41346519_320x200.jpg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 40aa7f405097c72998c85b480b8df7d7b905b5f0a3751892032358c18cd74ade

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Mon, 07 Mar 2022 12:54:18 GMT
server: nginx-reuseport/1.21.1
etag: "6226007a-36a6"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13990
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 2068ae3be88e08b_320x200.jpg
oknaforlife.ru/wp-content/cache/thumb/8b/ 8 KB
8 KB 59ms
58ms Image
image/jpeg 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/cache/thumb/8b/2068ae3be88e08b_320x200.jpg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 1baa8dfef83f71cf0101b5badfbf838b90ab295238253e9664086a6cb6debe18

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Mon, 07 Mar 2022 12:54:19 GMT
server: nginx-reuseport/1.21.1
etag: "6226007b-20d4"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8404
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 1978830143654b4_320x200.jpg
oknaforlife.ru/wp-content/cache/thumb/b4/ 8 KB
8 KB 60ms
59ms Image
image/jpeg 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/cache/thumb/b4/1978830143654b4_320x200.jpg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 105dade1b61fc4b1ddde45c3b8bccba4a2c308cc0b63edb76e73e7bc659a6932

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Mon, 07 Mar 2022 12:54:19 GMT
server: nginx-reuseport/1.21.1
etag: "6226007b-1fe0"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8160
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 bb169596330dcd9_320x200.jpg
oknaforlife.ru/wp-content/cache/thumb/d9/ 8 KB
8 KB 60ms
59ms Image
image/jpeg 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/cache/thumb/d9/bb169596330dcd9_320x200.jpg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 13d20ed0ea0cea46cbf945f675dd52eff111575d8af95eecb45e3491e1f76e08

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Mon, 07 Mar 2022 12:54:19 GMT
server: nginx-reuseport/1.21.1
etag: "6226007b-2122"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 8482
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 photo_2020-01-03_15-12-18.jpg
oknaforlife.ru/wp-content/uploads/2020/01/ 14 KB
14 KB 60ms
59ms Image
image/jpeg 87.236.16.42
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://oknaforlife.ru/wp-content/uploads/2020/01/photo_2020-01-03_15-12-18.jpg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 87.236.16.42 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS: ssl.wolf2.beget.com
Software: nginx-reuseport/1.21.1 /
Resource Hash: 808d7bc203908d943ccac89a8d805b4a9649bbb2e8bdda0e0395b5e8dc77cf00

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
last-modified: Mon, 06 Jan 2020 12:48:05 GMT
server: nginx-reuseport/1.21.1
etag: "5e132c85-3698"
content-type: image/jpeg
cache-control: max-age=2592000
accept-ranges: bytes
content-length: 13976
expires: Mon, 18 Apr 2022 05:20:07 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 218 B
647 B 76ms
32ms Script
text/javascript 142.250.184.226
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=oknaforlife.ru&callback=_gfp_s_&client=ca-pub-4076205560725900

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/show_ads_impl_with_ama_fy2019.js?client=ca-pub-4076205560725900&plah=oknaforlife.ru

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.184.226 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s12-in-f2.1e100.net

Software

cafe /

Resource Hash

829f231f055f828b1fb3357c6e7a5ac7949285948ae27ecaf41f1b3bb25dad24

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 203
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
792 B 77ms
27ms Script
application/javascript 2a00:1450:4001:803::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=oknaforlife.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:803::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
549 B 78ms
29ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=oknaforlife.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 05:20:07 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 98CB 227 KB
57 KB 458ms
430ms Document
text/html 2a00:1450:400e:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-4076205560725900&output=html&adk=1812271804&adf=3025194257&lmt=1647667207&plat=3%3A32%2C4%3A32%2C9%3A32776%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=https%3A%2F%2Foknaforlife.ru%2F&ea=0&flash=0&pra=5&wgl=1&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&dt=1647667207546&bpp=263&bdt=169&idt=347&shv=r20220316&mjsv=m202203100101&ptt=9&saldr=aa&abxe=1&nras=1&correlator=2322646096123&frm=20&pv=2&ga_vid=1519084285.1647667208&ga_sid=1647667208&ga_hid=923935625&ga_fc=0&u_tz=0&u_his=2&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_sd=1&dmc=8&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=44759876%2C44759927%2C44759837%2C42530891%2C42531397%2C44750774%2C31065370&oid=2&pvsid=1480384292048340&pem=51&tmod=1933534315&uas=0&nvt=1&eae=2&fc=1920&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=32768&bc=31&ifi=1&uci=a!1&fsb=1&dtd=359

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fb61ac11c864bf22608d0a21011536a89de048a06b2fd89337a15959673309d6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Sat, 19 Mar 2022 05:20:08 GMT
server: cafe
content-length: 58577
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Mar 2022 05:20:08 GMT
cache-control: private

GET
H2

400

sync_cookie_image_decide
mc.yandex.com/
Redirect Chain

https://mc.yandex.com/sync_cookie_image_check
https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9582.zKCdzbdjRn-EsLkyQDZ6X1DhGhiXpPql3bKuyxGOVvungy5woKwyU8T6lV-m9OTB.7m6KhVmIMuRsdlu8UJk1G09hl0M%2C
https://mc.yandex.com/sync_cookie_image_decide?token=9582.X4geT3qDtdBleriH2_iO9CTMJHR8VAhCOxeNxT3TpedEKhV1l_ZgNsyzr1v3bMzO8jUvNuETjPguo1nrm3ZjIA%2C%2C.FR0OQZT-2u11epTfh7hJWcAMdbA%2C

75 B
75 B

42ms
42ms

Image
text/html

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/sync_cookie_image_decide?token=9582.X4geT3qDtdBleriH2_iO9CTMJHR8VAhCOxeNxT3TpedEKhV1l_ZgNsyzr1v3bMzO8jUvNuETjPguo1nrm3ZjIA%2C%2C.FR0OQZT-2u11epTfh7hJWcAMdbA%2C

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
strict-transport-security: max-age=31536000
content-length: 75
x-xss-protection: 1; mode=block
content-type: text/html; charset=utf-8

Redirect headers

location: https://mc.yandex.com/sync_cookie_image_decide?token=9582.X4geT3qDtdBleriH2_iO9CTMJHR8VAhCOxeNxT3TpedEKhV1l_ZgNsyzr1v3bMzO8jUvNuETjPguo1nrm3ZjIA%2C%2C.FR0OQZT-2u11epTfh7hJWcAMdbA%2C
date: Sat, 19 Mar 2022 05:20:08 GMT
strict-transport-security: max-age=31536000
x-xss-protection: 1; mode=block

GET
H2 200 advert.gif
mc.yandex.com/metrika/ 43 B
160 B 46ms
43ms Image
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.com/metrika/advert.gif

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
last-modified: Thu, 17 Mar 2022 16:16:48 GMT
etag: "623334c0-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Sat, 19 Mar 2022 06:20:08 GMT

GET
H2 200 render Show response
iexqhm.com/v1/ 13 KB
4 KB 204ms
91ms XHR
text/html 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to

Full URL: https://iexqhm.com/v1/render?surfer_uuid=6f1c00b0-d898-478c-814c-69202a59d4f9&referrer=https%3A%2F%2Foknaforlife.ru%2F&page_load_uuid=4e7b7e8d-89ad-4cda-bc6f-8a55d8959c5f&page_depth=1&nhcxcr456v=28354471-c304-41e9-91fe-c472e28e6542&block_uuid=28354471-c304-41e9-91fe-c472e28e6542&refresh_depth=1&safari_multiple_request=610
Requested by: Host: iexqhm.com
URL: https://iexqhm.com/9chl17192vli/p0my30/qh8/867/uqv768kpy041ji7.php
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: a0a4ef0785ba4ad33ed14b2d92ac886eec34a2de3d35ad5207063c26064f3416

Request headers

Referer: https://oknaforlife.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-type: application/x-www-form-urlencoded

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: gzip
server: nginx/1.14.2
content-type: text/html; charset=UTF-8
access-control-allow-origin: *
cache-control: private, must-revalidate
expires: -1

GET sFaQ0wZ4C.js
oknaforlife.ru/ Frame 0
0

GET
H2

200

1 Show response
mc.yandex.com/watch/56921500/
Redirect Chain

https://mc.yandex.com/watch/56921500?wmode=7&page-url=https%3A%2F%2Foknaforlife.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1679%3Afu%3A0%3Aen%3Autf-8%3Ala...
https://mc.yandex.com/watch/56921500/1?wmode=7&page-url=https%3A%2F%2Foknaforlife.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1679%3Afu%3A0%3Aen%3Autf-8%3A...

357 B
439 B

43ms
43ms

XHR
application/json

2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/watch/56921500/1?wmode=7&page-url=https%3A%2F%2Foknaforlife.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1250288449475%3Ahid%3A956707004%3Az%3A0%3Ai%3A20220319052008%3Aet%3A1647667208%3Ac%3A1%3Arn%3A123114014%3Arqn%3A1%3Au%3A1647667208218611687%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647667206143%3Ads%3A422%2C117%2C113%2C58%2C577%2C0%2C%2C420%2C1%2C%2C%2C%2C1732%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647667208%3At%3AOknaForLife.ru%20-%20%D0%A1%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29aw%281%29ti%282%29

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

f805b10542de28f6b4addcf10942a15ababbef0748d7fa7c78e6312234a06ab7

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
x-content-type-options: nosniff
last-modified: Sat, 19-Mar-2022 05:20:08 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: https://oknaforlife.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 357
x-xss-protection: 1; mode=block
expires: Sat, 19-Mar-2022 05:20:08 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
last-modified: Sat, 19-Mar-2022 05:20:08 GMT
location: /watch/56921500/1?wmode=7&page-url=https%3A%2F%2Foknaforlife.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A7oivoclvhnsftt6hmgv%3Afp%3A1679%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A760%3Acn%3A1%3Adp%3A0%3Als%3A1250288449475%3Ahid%3A956707004%3Az%3A0%3Ai%3A20220319052008%3Aet%3A1647667208%3Ac%3A1%3Arn%3A123114014%3Arqn%3A1%3Au%3A1647667208218611687%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Acpf%3A1%3Ans%3A1647667206143%3Ads%3A422%2C117%2C113%2C58%2C577%2C0%2C%2C420%2C1%2C%2C%2C%2C1732%3Awv%3A2%3Aco%3A0%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1647667208%3At%3AOknaForLife.ru%20-%20%D0%A1%D1%82%D1%80%D0%BE%D0%B8%D1%82%D0%B5%D0%BB%D1%8C%D0%BD%D1%8B%D0%B9%20%D0%BF%D0%BE%D1%80%D1%82%D0%B0%D0%BB&t=gdpr%2814%29aw%281%29ti%282%29
strict-transport-security: max-age=31536000
access-control-allow-origin: https://oknaforlife.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
x-xss-protection: 1; mode=block
expires: Sat, 19-Mar-2022 05:20:08 GMT

GET
H2 200 d0362209ac84254b.jpeg
iexqhm.com/.cdn/3a8241/e45ee7/a8e136eba6254e0c839b0b5ce094824d/ 22 KB
22 KB 57ms
56ms Image
image/jpeg 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iexqhm.com/.cdn/3a8241/e45ee7/a8e136eba6254e0c839b0b5ce094824d/d0362209ac84254b.jpeg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: b75dd77b606aedc55bafd7ff855105060fe9840a83083ce1180b91e9b457ccd6

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
last-modified: Thu, 03 Mar 2022 10:39:04 GMT
server: nginx/1.14.2
etag: "62209ac8-57e3"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 22499

GET
H2 200 d036232de9273daa.jpeg
iexqhm.com/.cdn/3a8241/e45ee7/93ec699c94a5429bbd076ff9c313ebed/ 30 KB
30 KB 112ms
112ms Image
image/jpeg 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iexqhm.com/.cdn/3a8241/e45ee7/93ec699c94a5429bbd076ff9c313ebed/d036232de9273daa.jpeg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 3ceb7ae66d6b147bb7bc7a7ff2f1ccd8ac00810d2ff71d31784c787eeb214bc1

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
last-modified: Thu, 17 Mar 2022 07:09:06 GMT
server: nginx/1.14.2
etag: "6232de92-7857"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 30807

GET
H2 200 d0361cc0611d8db0.jpeg
iexqhm.com/.cdn/05a5cf/c20ad4/d902968033a24558918f102b2e1ffeda/ 12 KB
12 KB 167ms
167ms Image
image/jpeg 62.76.25.28
NETRACK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://iexqhm.com/.cdn/05a5cf/c20ad4/d902968033a24558918f102b2e1ffeda/d0361cc0611d8db0.jpeg
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_128_GCM
Server: 62.76.25.28 Moscow, Russian Federation, ASN61400 (NETRACK-AS, RU),
Reverse DNS
Software: nginx/1.14.2 /
Resource Hash: 6491cb19959bce444b9952b5514d725d2ceceb52ab171edfbccfcafcbe675b9e

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
last-modified: Wed, 29 Dec 2021 06:54:09 GMT
server: nginx/1.14.2
etag: "61cc0611-2ee0"
content-type: image/jpeg
access-control-allow-origin: *
accept-ranges: bytes
access-control-allow-headers: *
content-length: 12000

GET
H3 200 css
fonts.googleapis.com/ 12 KB
827 B 54ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Roboto:100,200,300,400,500,600,700,800,900

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 04:07:36 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Mar 2022 05:20:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H3 200 reactive_library_fy2019.js Show response
pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/ 151 KB
54 KB 45ms
44ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/managed/js/adsense/m202203100101/reactive_library_fy2019.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7b29adb9fb1a4c336ec3b6bc909840f41416fecc9126cec31e17fb680116d0c0

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 54936
x-xss-protection: 0
server: cafe
etag: 1085165587919947058
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=1209600
timing-allow-origin: *
expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H3 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
122 B 61ms
34ms Script
application/javascript 2a00:1450:400e:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=oknaforlife.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3="googleads.g.doubleclick.net:443"; ma=2592000,h3=":443"; ma=2592000,h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
122 B 54ms
28ms Script
application/javascript 2a00:1450:4001:827::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=oknaforlife.ru

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:827::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/ Frame 8312 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:400e:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 18 Mar 2022 22:51:20 GMT
expires: Fri, 01 Apr 2022 22:51:20 GMT
cache-control: public, max-age=1209600
age: 23328
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/ Frame 956F 10 KB
4 KB 25ms
25ms Document
text/html 2a00:1450:400e:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 4502
x-xss-protection: 0
date: Fri, 18 Mar 2022 22:51:20 GMT
expires: Fri, 01 Apr 2022 22:51:20 GMT
cache-control: public, max-age=1209600
age: 23328
etag: 4044455266028820542
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3 200 css2
fonts.googleapis.com/ Frame 8312 4 KB
634 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css2?family=Roboto:wght@400;700&display=swap

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 05:10:51 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Mar 2022 05:20:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H2 200 feedback_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8312 205 B
519 B 72ms
22ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/feedback_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 11:07:18 GMT
x-content-type-options: nosniff
age: 65570
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 205
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sat, 18 Mar 2023 11:07:18 GMT

GET
H2 200 settings_grey600_24dp.png
www.gstatic.com/images/icons/material/system/2x/ Frame 8312 604 B
695 B 72ms
23ms Image
image/png 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.gstatic.com/images/icons/material/system/2x/settings_grey600_24dp.png

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 01:40:36 GMT
x-content-type-options: nosniff
age: 13172
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 604
x-xss-protection: 0
last-modified: Tue, 22 Oct 2019 18:15:00 GMT
server: sffe
vary: Origin
report-to: {"group":"static-on-bigtable","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/static-on-bigtable"}]}
content-type: image/png
cache-control: public, max-age=31536000
accept-ranges: bytes
cross-origin-opener-policy-report-only: same-origin; report-to="static-on-bigtable"
expires: Sun, 19 Mar 2023 01:40:36 GMT

GET
H2 200 interstitial_ad_frame_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame 8312 19 KB
9 KB 68ms
18ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/interstitial_ad_frame_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4cc8248c65b1d5277d920cd0aaadaf2d0b0aeb2c31c3078171127866ad304b7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 04:51:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1742
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 8355
x-xss-protection: 0
server: cafe
etag: 4666862433802105431
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 04:51:06 GMT

GET
H3 200 pixel Show response
googleads.g.doubleclick.net/xbbe/ Frame A2E6 624 B
300 B 55ms
55ms Document
text/html 2a00:1450:400e:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGM6S-cIBMAE&v=APEucNW6CoJbnVxbSTvxUtdjcH0wmj0Dfjyhnjv5wE4xu4QyiRxLJ0fAXCm6v1tzH_CR98oq-OA3gvEetPx8LhsO-uf7q487tmuttYet9CCOjZTOrW09aqEkL-kceQWVMecJ5pRKgAI5R1O0jbjI5xZoCTxg5siAvKJmtwp1pEo9T20HO0sY3iI

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Sat, 19 Mar 2022 05:20:08 GMT
server: cafe
cache-control: private
content-length: 276
x-xss-protection: 0
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H3 200 ad Show response
googleads.g.doubleclick.net/dbm/ Frame 1C64 76 KB
32 KB 68ms
67ms Script
text/javascript 2a00:1450:400e:800::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCUR0L7xNxjkE7OAAyND1yJTowBq1csoVMyVwVyiI9Tkgfwez34lHAbYgBbIDZnMNkjebuYOzf62ZkIeqwQSwhl10jHmoVWz5ySqhXNXZvFiNjbng2Q0jBhucb2igmqbU0xfHT2XmH4DQYRny94qPcgyMrOA&dbm_d=AKAmf-DOM739om7nTL5vVOQ2B2w0F1f2sB0wMqGNlLtPnD-K9sk8nHwkosZdLVvk-RjLUgmLFZo41V8Nu4fnIaBSOBn605DbglR7Y3pHQUz-M0T96YEX9uk-bXvna5jDIMOHXDt5SuPfbxOZNiIj7YhI_lHlI6UWyl8-pPo1ZteAYVFLVVnHmPQvPQkG0CgwF7RH4FKI4_qFMheE0IR5wxMyaHNBaxD__y2yLTUy6pfjMvPe0Y9tHyqJ89HaosJWVT0mLPHSP_0jV0q60rNWozr5POP-GmQ5NS5WGILaxXhlLjkB5LN3PBTfUOw25cOUWaiDzcuUzMW88nyMRwikkvFrxZ8GO-_B3nYV8NzLUJu-OyLjvOub00v3f1oubE_Aq0AaSZAM98qJJou-qBdAMFPIxCgDpHBf4WFnybNKFd57Ag7UEtueAobkS5SgIKCSDdKdcK50uLRiKl_oNINguYH6XJgShQ0_0Bm9uJ1aUIAfZKb4oB2WdNo2lhWC1RN4FnWbnJjUE8Vl--LIVhHWvCtPZIN5mUnomoxBIFmmiCz0qGzaamyIymSr_-a8anmnUxb3P4vmiz8GQUdBy2PcH99RqKT7Rrj3KqTJS1igXK2DghTnI42Wvs0xqVQwenvFnyB59ZKXcQtfUyzD4PcVSESDXf888_ywD7NaLonj4cXnsQsiw1xOHluLilTMnn6qHxcG2cMcSX9ANgLPwoorvzEP0HBYXmJrkf4pQ7TBNfiO6z42pF0NP2koC2UkWPQ7jLlDMVPjnD9Y9pSYVtbdduWcUm9AxoCZUAMyAxt0gUBaw7JtbpDq4mHBgbREBMOlWSnRwkuBq4Y-XHR5FcWxRio_6t9_h0LFvSj5Sxv5yEYOSTvvh4WhmSR8qoBCgVJi1ugY0N6JCiNtA4Otjm5MCN0qTAdVGH2scFxwP5Q5dm8YhU71YxeS8htr96H8HyQJojMS9mVnZXWyYrOCnxESplSX-5Ji2UbmvxB9ld9TLbuv_-UznpYPmefE_-0Y61JuwbqODWzalXQ2iPXIAgHblKggWAqxo6eSnpmBIQh6olTYMik5sQ_RY73UQNKEzNvC6m0BXh5F0k_mJl73CU_KE97yulMQcRX7WzG0TnQb8QARget4FSM1uyCSXsJ-jRW4Qfe1edQugRiTSCkQKPoZTPu-cEzdwBJco14PbvrqHk-lU4k9kYb2evZ5LAhU2t6o7ZiFGWZVUmGhG64CXDphbiezB9MjPlPFN6pmNzpIoY3AFQWsjdZngebfrHjCIB7-IOslhZXnBuUtcgf30QvREzQ1lcvG423AP84-rh6a1TWsWowXBkGmcBeVqgYz7KErPT9T1L_ZwqI7Zs6uBlGewrosXuW009fpxA9n5jJlQnhXWeCEuFhtE6M91U40fSVsobG49dKcFfR30L-3alX7qMjXhLQ7NF5xJ1YC2cGowal_8upu9JFEc-5glZ_0HXVwpgnXgkD7bB_VQT9Kd3RAsdNZ0JLu3BC6vzw4-M7P-r6SeBRVPUJfqqyrwrH7umibG5XOfMojtfNTCCQ3WRZw2k9H9rURHCWYD3vLZBQLjdCRTUFpOQkUfghV8K6Q8yg_P13c_XYhdSBMLNVjzupMADySKwrYoaWkX1ltY31O42C7peDq-H0fd5OlOKwqMUQS-85nAUWeKw5MhQc0yQtfGvRafquTymfKqZMEiKWYMCmPhzNtLlPcgo-s5yBpZ-laRpJA-DjTTLdp_NgTgBzB9IM0MKwP2K6i9Jfgo4CngCJgPvSRWVK2SCfo-fZYMb3CKXcWDnYRUIsfqzLiyMrDqn8vxgq-qqMVYyXg8tFRwWmqA-oP6smNbdRj-69O08xwAnfBV-845vdLloD4hFUWuYaD-6wXSYsVf-Rx2dQ2wwSmkwWWQAOZkBfkHDjhpKn9Yzr41zdu-4v6QBBTopppq5a5LtjRYELUhkb0IX4NIyetQ3JrqlHs-XGrMGDyGexQjTwZKtqaxcKskc3tzzy5EQSUSyIF6ZinrQbQYSURjUMkWmfLFtVTM33dlZcbbj6aGdMORxJFQS4QMeg3yDre0dLRdZgbFtxf1MQPGohRhCRnneyFrML61htEyIkqJOmpS6sC9qdW1zCq92D7wVwnER6B-X15w17rQRhRHBcKI7Rq5__IIwF6_X5KWTnpzUEzTVVGF3s2jgb0XcjIvqNQ3zXPyyI7hePGmH-NhKxYfI3ii5ars1k4yWdxTNCDiQAtj29-m7dwrXr8iCHm4zcSiQCuxbnhq6K3KOmvJgSAG4h-b9GKur-28uDngmZk8lukNwtid-Y83QZKYZ_GeOG0dLa8kuAzS734kYk0qDNPU21BWeclogGvXmUNMH__e_Iw6juPG9eI2-ZZ5yptmm65EyN-hx-Yy0kE-KqJD8FLl7RE1KilIKwX_09LKeW8eKC4LbNxZ2EAZSbwHsWQo28HMMejVyIL7bVqapScPofM42ETV5T6WydVfHwTjbG3FH1ocO7I62J8aEaxZBDgsRI9j9wEFKLHDSXR5ug7bLOG69ax4BPedfSGOH7mlp9Vuy_hKlbBmDzoDF8xS2FrhwwpssfE6lYK7PGU3f3dwATpIg0SpTaLxTGo-WQNcRbrLMrAku0kW4X_j8pn7rrABJ1p1LsB2Xm2jC047LbBtPx1pUWskgNfsnfCl8uRzKYJgU2_9b6eNB8D-Fo2GN114GXP8vCDtb79dSMyTXrNdhEV3x7XgzitFIK6tiF6j-JO5adeau_8b7QfxNqqPRxTCwRE92jAXTb4ornabLuS_XLWyMxWpy1DAviHkiAkqZ5PoQ4PzckdaR1OELh_gDwBB8vAKPWGgWKhNkLQ_x9Vs-cE0npqNoZr44nl3UBARgDe3CPHaXaagMoulVB0-Gkbcw01k2Ql8qbgJRu9PYqcZV9XJIP_ua6wthGdPszsktv7wlbfNbqect9VgPKBc9uc--olXGabCgEBx3v-FMeH9LIsDX7pFKxvjq0_VXiPIENncbxg_91PLeELNH-SN822gTxuHMgdhZ_A0WxcpNco6J1_zzc2CfaErI7Ifp-N4TN4FVxJozpG12uPtaTVkjiPNG1JUs3CZ84Xm5zD7ToGAVo1hJgJgC69tnvEc-9-5RvNoIZ3se8CarxfzxMj5n3UmxRMn6SWl1o-b_m2Ua-F7Su20pQ3ysd8zigJyOjQO2b3iIf5xtwHfpP8d71-IF5S6sXKBRciGWNwd9JgVWSWvBQYjEleZqm-MN6TTB-HVq0LvU2wnaE3Nccm2bnJaSU7wocTOEirq9gpFfeF9A&cid=CAASBORovQM&rfl=2%2Chttps%253A%252F%252Foknaforlife.ru%252F%240

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:400e:800::2002 , Ireland, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68a74a74c220c0fc309cd27ba582285f5df81d8fa011bd71f145c23e12e5f5fe

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: br
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: text/javascript; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 32656
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 1C64 2 KB
1 KB 76ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 05:06:51 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame 1C64 15 KB
6 KB 59ms
21ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 04:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 04:37:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 1C64 117 KB
36 KB 75ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H3 200 gen_204
pagead2.googlesyndication.com/pagead/ Frame 1C64 42 B
63 B 53ms
53ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=xbid&dbm_b=AKAmf-ABM9-OSg_01c8v0g3dIqaF9u_KmG9DVaVRzKSKG8l9vQnOJ9oBFIt5XCTmMbcnUDh8t6F3LtKEvMLPyyHCQV1V5A2LCd4RX1RpR8UM0Uzc4tmvu7A

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

/
alfabank.ru/get-money/credit-cards/land/100-days-cpa/
Redirect Chain

https://ad.admitad.com/g/i352cbwpfvd7bbbf08bf1cb5598fff/
https://alfabank.ru/get-money/credit-cards/land/100-days-cpa/?platformId=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_bcddc4b3a0371778876d4cc3db530e7d&afclick...

0
0

4745ms
1011ms

Image
text/html

217.12.104.100
ALFA-BANK-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://alfabank.ru/get-money/credit-cards/land/100-days-cpa/?platformId=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_bcddc4b3a0371778876d4cc3db530e7d&afclick=bcddc4b3a0371778876d4cc3db530e7d&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_bcddc4b3a0371778876d4cc3db530e7d&card=master_card_mass&utm_term=bcddc4b3a0371778876d4cc3db530e7d&sub2=10&sub3=1cb5598fff
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: HTTP/1.1
Server: 217.12.104.100 , Russian Federation, ASN15632 (ALFA-BANK-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
server: nginx
p3p: CP="NON DSP COR CURa TIA"
location: https://alfabank.ru/get-money/credit-cards/land/100-days-cpa/?platformId=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_bcddc4b3a0371778876d4cc3db530e7d&afclick=bcddc4b3a0371778876d4cc3db530e7d&utm_source=alfapartners&utm_medium=cpa&utm_campaign=118&utm_content=alfapartners_cpa_118_CC-visaclassic-70field-sale-162273-0-admitad-237669-cpanetwork_bcddc4b3a0371778876d4cc3db530e7d&card=master_card_mass&utm_term=bcddc4b3a0371778876d4cc3db530e7d&sub2=10&sub3=1cb5598fff
cache-control: private, no-cache, no-store, must-revalidate
content-type: text/html; charset=utf-8
content-length: 2286
expires: Tue, 01 Jan 1980 1:00:00 GMT

GET
H/1.1

200
OK

https://webmaster.leads.su/register?ref_id=142994
https://webmaster.leads.su/register

0
0

88ms
88ms

Image
text/html

178.248.232.86
QRATOR

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://webmaster.leads.su/register
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: HTTP/1.1
Server: 178.248.232.86 , Russian Federation, ASN197068 (QRATOR, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 05:20:08 GMT
Server: QRATOR
X-FRAME-OPTIONS: DENY
Content-Type: text/html; charset=UTF-8
Location: https://webmaster.leads.su/register
Cache-Control: no-store, no-cache, must-revalidate
Transfer-Encoding: chunked
Connection: keep-alive
Keep-Alive: timeout=15
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
www.gogetlinks.net/
Redirect Chain

https://www.gogetlinks.net/?inv=j0ptqg
https://www.gogetlinks.net/

0
0

393ms
393ms

Image
text/html

93.171.200.70
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.gogetlinks.net/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 93.171.200.70 , Czech Republic, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: gw.gogetlinks.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
x-content-type-options: nosniff
last-modified: Sat, 19 Mar 2022 05:20:08 GMT
server: ddos-guard
location: /
x-powered-by: PHP/7.3.11-1+0~20191026.48+debian9~1.gbpf71ca0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=windows-1251
access-control-allow-origin: *
cache-control: no-store, no-cache, must-revalidate
strict-transport-security: max-age=15552000
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2 200 /
www.rookee.ru/ 0
0 467ms
233ms Image
text/html 193.233.15.88
SAFEVALUE-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.rookee.ru/?pid=5844d76c0aa6a75afe4fa86a1d5ceda1f03108
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 193.233.15.88 , Russian Federation, ASN42745 (SAFEVALUE-AS, DE),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 403 from:255537
www.miralinks.ru/users/registration/ 0
0 118ms
35ms Image
text/html 93.171.200.6
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.miralinks.ru/users/registration/from:255537
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 93.171.200.6 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: www.miralinks.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET

/
advego.com/
Redirect Chain

https://advego.com/34gETAH5AN
https://advego.com/34gETAH5AN/
https://advego.com/

0
0

GET
H2

200

/
kwork.ru/
Redirect Chain

https://kwork.ru/ref/116548
https://kwork.ru/

0
0

95ms
95ms

Image
text/html

93.171.200.41
SERVEREL-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://kwork.ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 93.171.200.41 , Czech Republic, ASN50245 (SERVEREL-AS, NL),
Reverse DNS: kwork.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sat, 19 Mar 2022 05:20:08 GMT
x-content-type-options: nosniff
server: ddos-guard
strict-transport-security: max-age=15552000
content-type: text/html; charset=UTF-8
location: /
content-security-policy: frame-ancestors 'self' http://webvisor.com http://awards.ratingruneta.ru
vary: Accept-Encoding, User-Agent

GET
H/1.1

200
OK

winwin
letyshops.com/de/
Redirect Chain

https://letyshops.com/ua/soc/sh-1?r=12096197
https://letyshops.com/de/soc/sh-1?r=12096197
https://letyshops.com/de/winwin?ww=12096197

0
0

82ms
82ms

Image
text/html

5.187.5.24
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://letyshops.com/de/winwin?ww=12096197
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: HTTP/1.1
Server: 5.187.5.24 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde334-1.fornex.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Date: Sat, 19 Mar 2022 05:20:08 GMT
X-SERVER-NAME: letyshops.com
X-Frame-Options: SAMEORIGIN
Content-Type: text/html; charset=UTF-8
Location: /de/winwin?ww=12096197
Cache-Control: max-age=0, must-revalidate, private
Transfer-Encoding: chunked
X-LSVTKN: dfb0ffb043b05780b26d84aa8eb98e65
Connection: keep-alive
Keep-Alive: timeout=15
Server: nginx
Expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H2

503

/
www.aviasales.ru/
Redirect Chain

https://aviasales.ru/?marker=229555
https://www.aviasales.ru/?marker=229555

0
0

83ms
25ms

Image
text/html

2606:4700:10::6816:3c96
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.aviasales.ru/?marker=229555
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 2606:4700:10::6816:3c96 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://www.aviasales.ru/?marker=229555
date: Sat, 19 Mar 2022 05:20:08 GMT
cache-control: max-age=0, private, must-revalidate
server: nginx
content-length: 0
x-request-id: 6d1363b7180f6d2f4f7caefb8dbbe258

GET
H2

200

/
allpositions.ru/
Redirect Chain

https://allpositions.ru/redirect/289201
https://allpositions.ru/redirect/index/289201/1
https://allpositions.ru/

0
0

57ms
57ms

Image
text/html

190.115.31.9
DDOS-GUARD CORP.

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://allpositions.ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 190.115.31.9 Belize City, Belize, ASN262254 (DDOS-GUARD CORP., BZ),
Reverse DNS: ddos-guard.net
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sat, 19 Mar 2022 05:17:23 GMT
content-encoding: gzip
server: ddos-guard
age: 165
x-powered-by: PHP/5.2.17
vary: Accept-Encoding
content-type: text/html; charset=utf-8
location: http://allpositions.ru/
ddg-cache-status: HIT
content-length: 26

GET
H2

200

ru
beget.com/
Redirect Chain

https://beget.com/p534763
https://beget.com/
https://beget.com/ru

0
0

345ms
345ms

Image
text/html

193.168.47.253
BEGET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://beget.com/ru
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 193.168.47.253 , Russian Federation, ASN198610 (BEGET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: /ru
date: Sat, 19 Mar 2022 05:20:08 GMT
cache-control: no-cache, no-store, must-revalidate
server: nginx
x-frame-options: SAMEORIGIN

GET
H2 200 /
www.reg.ru/ 0
0 937ms
711ms Image
text/html 2a00:f940:4::8
AS-REG

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.reg.ru/?rlink=reflink-5356619
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, CHACHA20_POLY1305
Server: 2a00:f940:4::8 , Russian Federation, ASN197695 (AS-REG, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/
timeweb.com/ru/
Redirect Chain

https://timeweb.com/ru/?i=50887
https://timeweb.com/ru/

0
0

355ms
354ms

Image
text/html

2a03:6f00:1:2::5c35:746b
TIMEWEB-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://timeweb.com/ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 2a03:6f00:1:2::5c35:746b , Russian Federation, ASN9123 (TIMEWEB-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

content-security-policy: frame-ancestors 'self' *.jivosite.com *.jivosite.com/ bam.nr-data.net/ metrika.yandex.ru *.yandex.tld *.yandex.net webvisor.com *.webvisor.com http://*.webvisor.com http://webvisor.com https://*.webvisor.com http://webvisor.com https://metrika.yandex.ru https://mc.yandex.ru https://*.yandex.net https://mc.yandex.ru https://mc.yandex.az https://mc.yandex.by https://mc.yandex.co.il https://mc.yandex.com https://mc.yandex.com.am https://mc.yandex.com.ge https://mc.yandex.com.tr https://mc.yandex.ee https://mc.yandex.fr https://mc.yandex.kg https://mc.yandex.kz https://mc.yandex.lt https://mc.yandex.lv https://mc.yandex.md https://mc.yandex.tj https://mc.yandex.tm https://mc.yandex.ua https://mc.yandex.uz https://mc.webvisor.com https://mc.webvisor.org https://yastatic.net; form-action 'self' *.timeweb.ru *.timeweb.com *.timeweb.net timeweb.com timeweb.ru timeweb.net http://timeweb.com/; default-src 'self' 'unsafe-inline' 'unsafe-eval' *.jivosite.com *.jivosite.com/ *.timeweb.net *.timeweb.ru timeweb.eu vds-static.timeweb.com cloud.timeweb.com public-api.timeweb.com *.yandex.ru yandex.ru wss://*.timeweb.ru wss://*.timeweb.net www.googletagmanager.com www.google-analytics.com disutgh7q0ncc.cloudfront.net eligibility.wootric.com wootric-eligibility.herokuapp.com facebook.com connect.facebook.net *.facebook.com mc.yandex.md mc.yandex.ru *.livetex.ru *.livetex.me stats.g.doubleclick.net *.google.com *.google.ru *.sendpulse.com data: vk.com *.vk.com dadata.ru *.dadata.ru *.hostings.info *.hosters.ru bitrix.info static.criteo.net *.push.world *.gstatic.com recreativ.ru sslwidget.criteo.com *.googleapis.com *.webpushs.com i.imgur.com ipic.su *.sendpulse.com www.youtube.com s.tmimgcdn.com cdn.jsdelivr.net mc.webvisor.org https://*.getsitecontrol.com yastatic.net *.witstroom.com metrika.yandex.ru *.yandex.tld *.yandex.net myreviews.dev https://myreviews.dev webvisor.com *.witstroom.com:8080 https://checks.botfaqtor.ru *.giphy.com *.giphy.com/ *.jivosite.com *.jivosite.com/ wss://*.jivosite.com https://www.googleoptimize.com/ blob: timeweb.com
x-content-type-options: nosniff
x-powered-cms: Bitrix Site Manager (06c17fc122b49b7452818b3a0eaceb47)
p3p: policyref="/bitrix/p3p.xml", CP="NON DSP COR CUR ADM DEV PSA PSD OUR UNR BUS UNI COM NAV INT DEM STA"
x-xss-protection: 1; mode=block
x-page-speed: 1.13.35.2-0
location: https://timeweb.com/ru/
server: nginx
x-frame-options: SAMEORIGIN
date: Sat, 19 Mar 2022 05:20:09 GMT
expect-ct: max-age=86400, enforce
strict-transport-security: max-age=31536000
content-type: text/html; charset=UTF-8
pragma: no-cache
cache-control: max-age=0, no-cache, no-store, must-revalidate
feature-policy: autoplay 'none'; camera 'none'; microphone 'none'

GET /
webhost1.ru/ 0
0

GET
H2 200 /
advego.com/blog/read/faq_partner/1284469/ 0
0 70ms
70ms Image
text/html 89.208.226.140
DINET-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://advego.com/blog/read/faq_partner/1284469/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 89.208.226.140 Balashikha, Russian Federation, ASN12695 (DINET-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 404 nikmaz
text.ru/ 0
0 420ms
356ms Image
text/html 2606:4700:20::681a:cc8
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://text.ru/nikmaz
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:20::681a:cc8 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2 503 /
www.etxt.ru/ 0
0 78ms
27ms Image
text/html 2606:4700:10::6816:24bf
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.etxt.ru/?r=anakot2010
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6816:24bf , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/
ad.admitad.com/dummy/
Redirect Chain

https://ad.admitad.com/g/6dadf43a4dd7bbbf08bff76aa61bb5/
https://ad.admitad.com/dummy/?w=523986&c=3081&r=3&d=3&g=DE&x=2684225679f1187906a6fc0227d0a716&y=2684225679f1187906a6fc0227d0a716

0
0

102ms
34ms

Image
text/html

185.26.99.247
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.admitad.com/dummy/?w=523986&c=3081&r=3&d=3&g=DE&x=2684225679f1187906a6fc0227d0a716&y=2684225679f1187906a6fc0227d0a716
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 185.26.99.247 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde430-2.fornex.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://ad.admitad.com/dummy/?w=523986&c=3081&r=3&d=3&g=DE&x=2684225679f1187906a6fc0227d0a716&y=2684225679f1187906a6fc0227d0a716
date: Sat, 19 Mar 2022 05:20:08 GMT
server: nginx
content-type: text/html; charset=utf-8
content-length: 511
p3p: CP="NON DSP COR CURa TIA"

GET
H2

200

/
ad.admitad.com/dummy/
Redirect Chain

https://ad.admitad.com/g/207bcbdf4cd7bbbf08bf159ac4a8d3/
https://ad.admitad.com/dummy/?w=523986&c=2402&r=3&d=3&g=DE&x=6cc6249a71a0ef3887d2cd175d38e269&y=6cc6249a71a0ef3887d2cd175d38e269

0
0

105ms
27ms

Image
text/html

185.26.99.247
DE-FIRSTCOLO www....

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://ad.admitad.com/dummy/?w=523986&c=2402&r=3&d=3&g=DE&x=6cc6249a71a0ef3887d2cd175d38e269&y=6cc6249a71a0ef3887d2cd175d38e269
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 185.26.99.247 Frankfurt am Main, Germany, ASN44066 (DE-FIRSTCOLO www.first-colo.net, DE),
Reverse DNS: dsde430-2.fornex.org
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: https://ad.admitad.com/dummy/?w=523986&c=2402&r=3&d=3&g=DE&x=6cc6249a71a0ef3887d2cd175d38e269&y=6cc6249a71a0ef3887d2cd175d38e269
date: Sat, 19 Mar 2022 05:20:08 GMT
server: nginx
content-type: text/html; charset=utf-8
content-length: 511
p3p: CP="NON DSP COR CURa TIA"

GET
H2

200

/
best.aliexpress.ru/
Redirect Chain

https://s.click.aliexpress.com/e/_dSydzZH?dp=oknaforlife.ru
https://best.aliexpress.ru/?dp=oknaforlife.ru&aff_fcid=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b07582248b6...
https://login.aliexpress.com/sync_cookie_read.htm?xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Fdp%3Doknaforlife.ru%26aff_fcid%3Db07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH%26af...
https://login.aliexpress.ru/sync_cookie_write.htm?acs_random_token=efb7f7b7d1ea4e0f80ee6a0d3a322c65&xman_goto=https%3A%2F%2Fbest.aliexpress.ru%2F%3Fdp%3Doknaforlife.ru%26aff_fcid%3Db07582248b644e67...
https://best.aliexpress.ru/?dp=oknaforlife.ru&aff_fcid=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b07582248b6...

0
0

89ms
88ms

Image
text/html

62.128.97.7
ALIBABA-CN-NET Al...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://best.aliexpress.ru/?dp=oknaforlife.ru&aff_fcid=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&terminal_id=efb7f7b7d1ea4e0f80ee6a0d3a322c65
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 62.128.97.7 Moscow, Russian Federation, ASN45102 (ALIBABA-CN-NET Alibaba US Technology Co., Ltd., CN),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

date: Sat, 19 Mar 2022 05:20:10 GMT
content-type: text/html;charset=UTF-8
server: Tengine/Aserver
p3p: CP="CAO PSA OUR"
strict-transport-security: max-age=31536000
content-language: en-US
location: https://best.aliexpress.ru/?dp=oknaforlife.ru&aff_fcid=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&aff_fsk=_dSydzZH&aff_platform=portals-tool&sk=_dSydzZH&aff_trace_key=b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH&terminal_id=efb7f7b7d1ea4e0f80ee6a0d3a322c65
timing-allow-origin: *
content-length: 0
eagleeye-traceid: 0b8b035616476672105834811e7981

GET
H2 403 aff.php
hostiq.ua/clients/ 0
0 148ms
34ms Image
text/html 2606:4700:10::6814:33a1
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://hostiq.ua/clients/aff.php?aff=381
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_128_GCM
Server: 2606:4700:10::6814:33a1 , United States, ASN13335 (CLOUDFLARENET, US),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/
adminvps.ru/
Redirect Chain

https://my.adminvps.ru/aff.php?aff=700
https://adminvps.ru/

0
0

205ms
142ms

Image
text/html

5.253.61.60
ADMINVPS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://adminvps.ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 5.253.61.60 , Russian Federation, ASN211642 (ADMINVPS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 05:20:09 GMT
Server: nginx
X-Powered-By: PHP/7.4.22
Strict-Transport-Security: max-age=31536000;
Content-Type: text/html; charset=utf-8
Location: https://adminvps.ru
Cache-Control: no-store, no-cache, must-revalidate
Connection: keep-alive
Keep-Alive: timeout=60
Content-Length: 0
Expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H2

200

/
www.hostland.ru/
Redirect Chain

https://www.hostland.ru/?r=3a81d50b
https://www.hostland.ru/

0
0

232ms
232ms

Image
text/html

185.26.122.131
HOSTLAND

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hostland.ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 185.26.122.131 , Russian Federation, ASN62082 (HOSTLAND, RU),
Reverse DNS: serv131.hostland.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

location: /
date: Sat, 19 Mar 2022 05:20:09 GMT
server: nginx
strict-transport-security: max-age=63072000
content-length: 0
x-frame-options: SAMEORIGIN
content-type: text/html; charset=UTF-8

GET
H2 200 aff.php
fozzy.com/ 0
0 209ms
18ms Image
text/html 185.203.72.141
VARITI-INT-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://fozzy.com/aff.php?aff=16811
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Security: TLS 1.3, , AES_256_GCM
Server: 185.203.72.141 , Russian Federation, ASN42240 (VARITI-INT-AS, RU),
Reverse DNS
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

GET
H2

200

/
www.hts.ru/
Redirect Chain

https://www.hts.ru/?affid=68551
https://www.hts.ru/

0
0

697ms
697ms

Image
text/html

78.110.50.108
HT-SYSTEMS-AS Upl...

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://www.hts.ru/
Requested by: Host: oknaforlife.ru
URL: https://oknaforlife.ru/
Protocol: H2
Server: 78.110.50.108 Moscow, Russian Federation, ASN31240 (HT-SYSTEMS-AS Uplinks:, RU),
Reverse DNS: c6-w.ht-systems.ru
Software: /
Resource Hash: e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://oknaforlife.ru/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:09 GMT
server: nginx
x-powered-by: PHP/5.4.16
content-type: text/html; charset=WINDOWS-1251
location: /
cache-control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0
content-security-policy: frame-ancestors 'self' http://webvisor.com; default-src 'self' https://yandex.ru; font-src 'self'; script-src 'self' https://api-maps.yandex.ru https://maps.google.com https://code.jivosite.com https://www.googletagmanager.com https://stats.hts.ru https://mc.yandex.ru https://yastatic.net https://www.google-analytics.com 'unsafe-inline' 'unsafe-eval'; connect-src 'self' https://mc.yandex.ru https://code.jivosite.com https://*.jivosite.com; img-src 'self' https://ext.host-tracker.com https://api-maps.yandex.ru https://counter.yadro.ru http://cp.hts.ru https://mc.yandex.ru https://*.maps.yandex.net http://www.hts.ru http://hubble.ht-systems.ru https://stats.hts.ru https://www.google-analytics.com data:; media-src 'self' https://code.jivosite.com; style-src 'self' 'unsafe-inline'; object-src 'self'
content-length: 0
expires: Thu, 19 Nov 1981 08:52:00 GMT

GET
H3 200 css
fonts.googleapis.com/ Frame CAA3 8 KB
892 B 27ms
27ms Stylesheet
text/css 2a00:1450:4001:830::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:830::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Sat, 19 Mar 2022 04:39:16 GMT
server: ESF
cross-origin-opener-policy: same-origin-allow-popups
date: Sat, 19 Mar 2022 05:20:08 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame CAA3 2 KB
984 B 25ms
23ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:09:06 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 662
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 877
x-xss-protection: 0
server: cafe
etag: 13035868154101442325
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 05:09:06 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame CAA3 19 KB
8 KB 25ms
24ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 840
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7871
x-xss-protection: 0
server: cafe
etag: 7397949449432438406
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 05:06:08 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame CAA3 2 KB
1 KB 39ms
38ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/window_focus_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:06:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 797
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1233
x-xss-protection: 0
server: cafe
etag: 16517525077337815633
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 05:06:51 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/ Frame CAA3 15 KB
6 KB 36ms
35ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20220316/r20110914/client/qs_click_protection_fy2019.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 04:37:46 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 2542
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6407
x-xss-protection: 0
server: cafe
etag: 6055885685211612390
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 04:37:46 GMT

GET
H2 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame CAA3 117 KB
36 KB 64ms
57ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/active-view-scs-read-write-acl
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 36344
x-xss-protection: 0
server: sffe
cross-origin-opener-policy: same-origin; report-to="active-view-scs-read-write-acl"
etag: "1647431472276194"
vary: Accept-Encoding
report-to: {"group":"active-view-scs-read-write-acl","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/active-view-scs-read-write-acl"}]}
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H2 200 7a99daadf072127ada89333d533e295f.js Show response
www.gstatic.com/mysidia/ Frame CAA3 28 KB
12 KB 18ms
18ms Script
text/javascript 2a00:1450:4001:827::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/7a99daadf072127ada89333d533e295f.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:827::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 11:46:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 63208
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/mysidia
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11822
x-xss-protection: 0
last-modified: Wed, 16 Mar 2022 03:55:01 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="mysidia"
vary: Accept-Encoding
report-to: {"group":"mysidia","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/mysidia"}]}
content-type: text/javascript
cache-control: public, max-age=7776000
accept-ranges: bytes
expires: Thu, 16 Jun 2022 11:46:40 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A2E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_dbm
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJzLQqm8vaIJQbT4ihiqWtE&google_cver=1
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJzLQqm8vaIJQbT4ihiqWtE&google_cver=1&C=1

43 B
1014 B

25ms
23ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJzLQqm8vaIJQbT4ihiqWtE&google_cver=1&C=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGM6S-cIBMAE&v=APEucNW6CoJbnVxbSTvxUtdjcH0wmj0Dfjyhnjv5wE4xu4QyiRxLJ0fAXCm6v1tzH_CR98oq-OA3gvEetPx8LhsO-uf7q487tmuttYet9CCOjZTOrW09aqEkL-kceQWVMecJ5pRKgAI5R1O0jbjI5xZoCTxg5siAvKJmtwp1pEo9T20HO0sY3iI
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 05:20:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Mar 2022 05:20:08 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 05:20:08 GMT
Server: Apache
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEJzLQqm8vaIJQbT4ihiqWtE&google_cver=1&C=1
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: text/html; charset=iso-8859-1
Content-Length: 308
Expires: Sat, 19 Mar 2022 05:20:08 GMT

GET
H/1.1

200
OK

rum
dsum-sec.casalemedia.com/ Frame A2E6
Redirect Chain

https://dsum-sec.casalemedia.com/rrum?ixi=0&cm_dsp_id=85&cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D
https://dsum-sec.casalemedia.com/rrum?cb=https%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dcasale_media2_dsp_secure%26google_cm%26google_hm%3D&cm_dsp_id=85&ixi=0&C=1
https://cm.g.doubleclick.net/pixel?google_nid=casale_media2_dsp_secure&google_cm&google_hm=YjVoCE6e0tlXb13hVqJ4pAAA
https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdI31dfixrmvL_COAo9Oow&google_cver=1

43 B
894 B

24ms
24ms

Image
image/gif

2.18.234.21
AKAMAI-AS

General

Check archive.org

Show headers Download Go to Show image

Full URL: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdI31dfixrmvL_COAo9Oow&google_cver=1
Requested by: Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGM6S-cIBMAE&v=APEucNW6CoJbnVxbSTvxUtdjcH0wmj0Dfjyhnjv5wE4xu4QyiRxLJ0fAXCm6v1tzH_CR98oq-OA3gvEetPx8LhsO-uf7q487tmuttYet9CCOjZTOrW09aqEkL-kceQWVMecJ5pRKgAI5R1O0jbjI5xZoCTxg5siAvKJmtwp1pEo9T20HO0sY3iI
Protocol: HTTP/1.1
Server: 2.18.234.21 Frankfurt am Main, Germany, ASN16625 (AKAMAI-AS, US),
Reverse DNS: a2-18-234-21.deploy.static.akamaitechnologies.com
Software: Apache /
Resource Hash: b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 05:20:08 GMT
Server: Apache
Vary: Is-Traffic-Usersync
P3p: policyref="/w3c/p3p.xml", CP="NOI DSP COR DEVa TAIa OUR BUS UNI"
Cache-Control: max-age=0, no-cache, no-store
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
Expires: Sat, 19 Mar 2022 05:20:08 GMT

Redirect headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
server: HTTP server (unknown)
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
location: https://dsum-sec.casalemedia.com/rum?cm_dsp_id=45&external_user_id=CAESEKdI31dfixrmvL_COAo9Oow&google_cver=1
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 313
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H/1.1

200
OK

bounce
ib.adnxs.com/ Frame A2E6
Redirect Chain

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_cm&google_dbm
https://ib.adnxs.com/setuid?entity=101&code=CAESEMzCkId91DqqWeM3gcXTPaA&google_cver=1
https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMzCkId91DqqWeM3gcXTPaA%26google_cver%3D1

43 B
1 KB

18ms
18ms

Image
image/gif

37.252.173.62
ASN-APPNEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMzCkId91DqqWeM3gcXTPaA%26google_cver%3D1

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/xbbe/pixel?d=CJClsJ4CEKDVu6ECGM6S-cIBMAE&v=APEucNW6CoJbnVxbSTvxUtdjcH0wmj0Dfjyhnjv5wE4xu4QyiRxLJ0fAXCm6v1tzH_CR98oq-OA3gvEetPx8LhsO-uf7q487tmuttYet9CCOjZTOrW09aqEkL-kceQWVMecJ5pRKgAI5R1O0jbjI5xZoCTxg5siAvKJmtwp1pEo9T20HO0sY3iI

Protocol

HTTP/1.1

Server

37.252.173.62 Frankfurt am Main, Germany, ASN29990 (ASN-APPNEX, US),

Reverse DNS

535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net

Software

nginx/1.21.3 /

Resource Hash

4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 05:20:08 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: aa3fc605-4a6e-4c4d-b5e8-4a458c04c8b3
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Access-Control-Allow-Origin: *
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: image/gif
Content-Length: 43
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 05:20:08 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: f09d5b5b-6e1d-4d5c-a3d8-2e2610bf126b
Server: nginx/1.21.3
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://ib.adnxs.com/bounce?%2Fsetuid%3Fentity%3D101%26code%3DCAESEMzCkId91DqqWeM3gcXTPaA%26google_cver%3D1
Cache-Control: no-store, no-cache, private
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H3

200

pixel
cm.g.doubleclick.net/ Frame A2E6
Redirect Chain

https://ib.adnxs.com/getuid?https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=${BASE64_UID_ENC}
https://ib.adnxs.com/bounce?%2Fgetuid%3Fhttps%3A%2F%2Fcm.g.doubleclick.net%2Fpixel%3Fgoogle_nid%3Dappnexus%26google_hm%3D%24%7BBASE64_UID_ENC%7D
https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwMDUwNTU5ODA3MjEwOTAwNA%3D%3D

170 B
188 B

68ms
30ms

Image
image/png

142.250.186.130
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwMDUwNTU5ODA3MjEwOTAwNA%3D%3D

Requested by

Protocol

Server

142.250.186.130 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s07-in-f2.1e100.net

Software

HTTP server (unknown) /

Resource Hash

0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5

Security Headers

Name	Value
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:08 GMT
server: HTTP server (unknown)
content-type: image/png
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 170
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Redirect headers

Pragma: no-cache
Date: Sat, 19 Mar 2022 05:20:08 GMT
X-Proxy-Origin: 84.19.175.165; 84.19.175.165; 535.bm-nginx-loadbalancer.mgmt.fra1.adnexus.net; adnxs.com
AN-X-Request-Uuid: 65466e0c-ad4c-43a1-8582-4dbe73f79673
Server: nginx/1.21.3
Access-Control-Allow-Origin: *
P3P: policyref="http://cdn.adnxs-simple.com/w3c/policy/p3p.xml", CP="NOI DSP COR ADM PSAo PSDo OURo SAMo UNRo OTRo BUS COM NAV DEM STA PRE"
Location: https://cm.g.doubleclick.net/pixel?google_nid=appnexus&google_hm=NzAwMDUwNTU5ODA3MjEwOTAwNA%3D%3D
Cache-Control: no-store, no-cache, private
Access-Control-Allow-Credentials: true
Connection: keep-alive
Content-Type: text/html; charset=utf-8
Content-Length: 0
X-XSS-Protection: 0
Expires: Sat, 15 Nov 2008 16:00:00 GMT

GET
H2 200 express_html_inpage_rendering_lib_200_275.js Show response
s0.2mdn.net/879366/ Frame 1C64 106 KB
38 KB 65ms
19ms Script
text/javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
Origin: https://googleads.g.doubleclick.net
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Fri, 18 Mar 2022 14:28:53 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 53475
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 37892
x-xss-protection: 0
last-modified: Mon, 27 Sep 2021 18:44:52 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: text/javascript
access-control-allow-origin: *
cache-control: public, max-age=86400
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Sat, 19 Mar 2022 14:28:53 GMT

GET
H3 200 omrhp.js Show response
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/ Frame 1C64 8 KB
3 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/elements/html/omrhp.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/dbm/ad?dbm_c=AKAmf-BCUR0L7xNxjkE7OAAyND1yJTowBq1csoVMyVwVyiI9Tkgfwez34lHAbYgBbIDZnMNkjebuYOzf62ZkIeqwQSwhl10jHmoVWz5ySqhXNXZvFiNjbng2Q0jBhucb2igmqbU0xfHT2XmH4DQYRny94qPcgyMrOA&dbm_d=AKAmf-DOM739om7nTL5vVOQ2B2w0F1f2sB0wMqGNlLtPnD-K9sk8nHwkosZdLVvk-RjLUgmLFZo41V8Nu4fnIaBSOBn605DbglR7Y3pHQUz-M0T96YEX9uk-bXvna5jDIMOHXDt5SuPfbxOZNiIj7YhI_lHlI6UWyl8-pPo1ZteAYVFLVVnHmPQvPQkG0CgwF7RH4FKI4_qFMheE0IR5wxMyaHNBaxD__y2yLTUy6pfjMvPe0Y9tHyqJ89HaosJWVT0mLPHSP_0jV0q60rNWozr5POP-GmQ5NS5WGILaxXhlLjkB5LN3PBTfUOw25cOUWaiDzcuUzMW88nyMRwikkvFrxZ8GO-_B3nYV8NzLUJu-OyLjvOub00v3f1oubE_Aq0AaSZAM98qJJou-qBdAMFPIxCgDpHBf4WFnybNKFd57Ag7UEtueAobkS5SgIKCSDdKdcK50uLRiKl_oNINguYH6XJgShQ0_0Bm9uJ1aUIAfZKb4oB2WdNo2lhWC1RN4FnWbnJjUE8Vl--LIVhHWvCtPZIN5mUnomoxBIFmmiCz0qGzaamyIymSr_-a8anmnUxb3P4vmiz8GQUdBy2PcH99RqKT7Rrj3KqTJS1igXK2DghTnI42Wvs0xqVQwenvFnyB59ZKXcQtfUyzD4PcVSESDXf888_ywD7NaLonj4cXnsQsiw1xOHluLilTMnn6qHxcG2cMcSX9ANgLPwoorvzEP0HBYXmJrkf4pQ7TBNfiO6z42pF0NP2koC2UkWPQ7jLlDMVPjnD9Y9pSYVtbdduWcUm9AxoCZUAMyAxt0gUBaw7JtbpDq4mHBgbREBMOlWSnRwkuBq4Y-XHR5FcWxRio_6t9_h0LFvSj5Sxv5yEYOSTvvh4WhmSR8qoBCgVJi1ugY0N6JCiNtA4Otjm5MCN0qTAdVGH2scFxwP5Q5dm8YhU71YxeS8htr96H8HyQJojMS9mVnZXWyYrOCnxESplSX-5Ji2UbmvxB9ld9TLbuv_-UznpYPmefE_-0Y61JuwbqODWzalXQ2iPXIAgHblKggWAqxo6eSnpmBIQh6olTYMik5sQ_RY73UQNKEzNvC6m0BXh5F0k_mJl73CU_KE97yulMQcRX7WzG0TnQb8QARget4FSM1uyCSXsJ-jRW4Qfe1edQugRiTSCkQKPoZTPu-cEzdwBJco14PbvrqHk-lU4k9kYb2evZ5LAhU2t6o7ZiFGWZVUmGhG64CXDphbiezB9MjPlPFN6pmNzpIoY3AFQWsjdZngebfrHjCIB7-IOslhZXnBuUtcgf30QvREzQ1lcvG423AP84-rh6a1TWsWowXBkGmcBeVqgYz7KErPT9T1L_ZwqI7Zs6uBlGewrosXuW009fpxA9n5jJlQnhXWeCEuFhtE6M91U40fSVsobG49dKcFfR30L-3alX7qMjXhLQ7NF5xJ1YC2cGowal_8upu9JFEc-5glZ_0HXVwpgnXgkD7bB_VQT9Kd3RAsdNZ0JLu3BC6vzw4-M7P-r6SeBRVPUJfqqyrwrH7umibG5XOfMojtfNTCCQ3WRZw2k9H9rURHCWYD3vLZBQLjdCRTUFpOQkUfghV8K6Q8yg_P13c_XYhdSBMLNVjzupMADySKwrYoaWkX1ltY31O42C7peDq-H0fd5OlOKwqMUQS-85nAUWeKw5MhQc0yQtfGvRafquTymfKqZMEiKWYMCmPhzNtLlPcgo-s5yBpZ-laRpJA-DjTTLdp_NgTgBzB9IM0MKwP2K6i9Jfgo4CngCJgPvSRWVK2SCfo-fZYMb3CKXcWDnYRUIsfqzLiyMrDqn8vxgq-qqMVYyXg8tFRwWmqA-oP6smNbdRj-69O08xwAnfBV-845vdLloD4hFUWuYaD-6wXSYsVf-Rx2dQ2wwSmkwWWQAOZkBfkHDjhpKn9Yzr41zdu-4v6QBBTopppq5a5LtjRYELUhkb0IX4NIyetQ3JrqlHs-XGrMGDyGexQjTwZKtqaxcKskc3tzzy5EQSUSyIF6ZinrQbQYSURjUMkWmfLFtVTM33dlZcbbj6aGdMORxJFQS4QMeg3yDre0dLRdZgbFtxf1MQPGohRhCRnneyFrML61htEyIkqJOmpS6sC9qdW1zCq92D7wVwnER6B-X15w17rQRhRHBcKI7Rq5__IIwF6_X5KWTnpzUEzTVVGF3s2jgb0XcjIvqNQ3zXPyyI7hePGmH-NhKxYfI3ii5ars1k4yWdxTNCDiQAtj29-m7dwrXr8iCHm4zcSiQCuxbnhq6K3KOmvJgSAG4h-b9GKur-28uDngmZk8lukNwtid-Y83QZKYZ_GeOG0dLa8kuAzS734kYk0qDNPU21BWeclogGvXmUNMH__e_Iw6juPG9eI2-ZZ5yptmm65EyN-hx-Yy0kE-KqJD8FLl7RE1KilIKwX_09LKeW8eKC4LbNxZ2EAZSbwHsWQo28HMMejVyIL7bVqapScPofM42ETV5T6WydVfHwTjbG3FH1ocO7I62J8aEaxZBDgsRI9j9wEFKLHDSXR5ug7bLOG69ax4BPedfSGOH7mlp9Vuy_hKlbBmDzoDF8xS2FrhwwpssfE6lYK7PGU3f3dwATpIg0SpTaLxTGo-WQNcRbrLMrAku0kW4X_j8pn7rrABJ1p1LsB2Xm2jC047LbBtPx1pUWskgNfsnfCl8uRzKYJgU2_9b6eNB8D-Fo2GN114GXP8vCDtb79dSMyTXrNdhEV3x7XgzitFIK6tiF6j-JO5adeau_8b7QfxNqqPRxTCwRE92jAXTb4ornabLuS_XLWyMxWpy1DAviHkiAkqZ5PoQ4PzckdaR1OELh_gDwBB8vAKPWGgWKhNkLQ_x9Vs-cE0npqNoZr44nl3UBARgDe3CPHaXaagMoulVB0-Gkbcw01k2Ql8qbgJRu9PYqcZV9XJIP_ua6wthGdPszsktv7wlbfNbqect9VgPKBc9uc--olXGabCgEBx3v-FMeH9LIsDX7pFKxvjq0_VXiPIENncbxg_91PLeELNH-SN822gTxuHMgdhZ_A0WxcpNco6J1_zzc2CfaErI7Ifp-N4TN4FVxJozpG12uPtaTVkjiPNG1JUs3CZ84Xm5zD7ToGAVo1hJgJgC69tnvEc-9-5RvNoIZ3se8CarxfzxMj5n3UmxRMn6SWl1o-b_m2Ua-F7Su20pQ3ysd8zigJyOjQO2b3iIf5xtwHfpP8d71-IF5S6sXKBRciGWNwd9JgVWSWvBQYjEleZqm-MN6TTB-HVq0LvU2wnaE3Nccm2bnJaSU7wocTOEirq9gpFfeF9A&cid=CAASBORovQM&rfl=2%2Chttps%253A%252F%252Foknaforlife.ru%252F%240

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:03:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1023
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3159
x-xss-protection: 0
server: cafe
etag: 1394524276809619753
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 05:03:05 GMT

GET
H3 200 abg_lite.js Show response
pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/ Frame 1C64 25 KB
9 KB 19ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20220316/r20110914/abg_lite.js

Requested by

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 04:57:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 1372
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 9657
x-xss-protection: 0
server: cafe
etag: 16576748017229546422
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Sat, 02 Apr 2022 04:57:16 GMT

GET
H3 200 UFYwWwmt.js Show response
tpc.googlesyndication.com/sodar/ Frame 1C64 41 KB
15 KB 48ms
19ms Script
text/javascript 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Thu, 17 Mar 2022 07:28:03 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 165125
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15207
x-xss-protection: 0
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
vary: Accept-Encoding
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 17 Mar 2023 07:28:03 GMT

GET
DATA 200
OK truncated
/ Frame 1C64 214 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: dda25938bf92e7f6d68a825fb2f11ab6256bbd6a6aacdb382569b3d2ebee9dfc

Request headers

Accept-Language: de-DE,de;q=0.9
Referer
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Content-Type: image/png

GET
H3 200 Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js Show response
pagead2.googlesyndication.com/bg/ Frame 8989 35 KB
14 KB 20ms
20ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13802
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 22:15:24 GMT

GET
H3 200 JAKO-O_Baby_C_728x90.html Show response
s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/ Frame 7B71 6 KB
2 KB 45ms
19ms Document
text/html 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.html

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/879366/express_html_inpage_rendering_lib_200_275.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

969c79a3c215a2ed73aaa37db73760829786444b7ca9cde3cdc0c898c1779797

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
access-control-allow-origin: *
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
timing-allow-origin: *
content-length: 2325
x-content-type-options: nosniff
x-dns-prefetch-control: off
content-encoding: gzip
server: sffe
x-xss-protection: 0
date: Mon, 14 Mar 2022 13:40:36 GMT
expires: Tue, 14 Mar 2023 13:40:36 GMT
cache-control: public, max-age=31536000
last-modified: Mon, 21 Feb 2022 16:53:09 GMT
content-type: text/html
age: 401972
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

POST
H2 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C64 0
571 B 77ms
35ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjlyUjSGYRGA_SHU5EGeUlE_D3WOCuFnbd47T_Aj9mwd9H8gq3Ljw4pgpXuEbYxvz_6VIaP6Uj9LpvAaKbkMtNA6_NFmKhfIi5rb8M6V0OFSN5ZE7ljK1GSD2qkT334VPUrjn-RI_iINKF3dP858DV3mnO8iIep5Ep1xzhdEnspC1pE1V3sD7JgmWlw25mHs3OYTMuh_50o91zU0cEkl5NhS-nOfhdrlyurfM6Jx-d3WcnBcYe40Vn7YBQ_Eymg3-M0z3Ir_qklXiL5Rq-CQ2L3vitkRRVqI3fZp-AgB3t9LyaIxgen2C8uq7ZESLQGgVifP79B1eZy6vXB-DhNtRsahFbYfQ55Z36zZvq8K2Q0KIdQL82WIWYtuWjfDKrA3am6EdjACesLQEU7jsVKJSDscbfNhjYzbjdzX3lwEcReqnJmiXWR8VDiCShl9J0AjrT4ccPH3PqYhCx1gEx26AtO24RNJwAIgO-1J6U_QT4be2l1Ae4cIcamNfDMyGQpbHMHedXSXxLDA5-B8TmoD44563taIuaFt9hNJrgutoWgBBr8Ug6Rm23t3g8bhH9YeI-0QUlT0yY9BAzHLs4bYQeflb3r1GmxKM-KCYvPt3VMso_gxiOnToB6zvetsAc8vCxlzEjV2EMPnPt92mEfv5hctCY5QaOaTJ2hnnoToH4Quw0drkyb1yAtMXI5ZGtLtbGPK8uszEu3XErVRjbDreTs2e0kkrxMhnNVEIQFsYi5wDV5l6wGuELTgGApDMtK7rZ4XoPOrmKUCGNDErV1xWCE3evDmxpc8v4k_GpT5R-5d7SDZrKoZL3c85ZaFx7ijXgeHN3iz8OsorfPigyrsVjVsfX0S6k3UHXW1NHqv-Ju28ONkxe4B1A-ZECd1OA8lU8CwgGDXut7nQ_kW6q8GoKYxzGGH9EV8afPgI6fXambEExoL1QJfMcVo8ZoNDbvRxZD1b9at8vb1He95nBUv9iroFFou5oDx5QWLuNY1mhD8K4ItLrRpmU-MsPuQb-WiwgDJAjngz2NsZbjAgUynOD08AF6ODZLtaidyq3WEXnAuY2Htxo8ke6IYmFy9yvtmzL4IO38CoMonjKzC0rnvquDHbGc3m8r5jtz6ubXmGpdhVscw-vpCNzNYkWSggE_pBiT_Md5WXp7tyWnXuJhovO5CVKzSZiNClrDfG79wpZ3XsNwUsVBcKhbHxIgKJZUnE&sai=AMfl-YRXD6MD39qfU-ZQM_flaNfkwavrNm9EQWxtSCvRB8Xy2uzBikmosmouCLjCNRj-MIEo8Qlh1gJ1PBCdo6qgCPeBZ8HsTzaMal_w8q2oYXewdWxOr3Fdxv4laVjfiujBs3T_&sig=Cg0ArKJSzOu61GWTQgZfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=101&cbvp=1&cstd=98&cisv=r20220316.49867&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
date: Sat, 19 Mar 2022 05:20:08 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H/1.1 200
OK ai.aspx
m.exactag.com/ Frame 1C64 43 B
1 KB 106ms
34ms Image
image/gif 85.14.248.91
MYLOC-AS IP Backb...

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://m.exactag.com/ai.aspx?extProvId=8&extPu=77133-dcm&extLi=27298690&extCr=166866920&extPm=329385131&gdpr=&gdpr_consent=

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

85.14.248.91 Meerbusch, Germany, ASN24961 (MYLOC-AS IP Backbone of myLoc managed IT AG, DE),

Reverse DNS

Software

Microsoft-IIS/8.5 / ASP.NET

Resource Hash

afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

Strict-Transport-Security: max-age=31536000
X-AspNet-Version: 4.0.30319
X-Powered-By: ASP.NET
P3P: policyref="https://m.exactag.com/w3c/p3p.xml", CP="NOI NID STP STA CUR OUR"
Connection: close
X-ET-Monitoring: 1
Content-Length: 43
Pragma: no-cache
X-ET-Code: 0
Last-Modified: Sa, 19 Mrz 2022 05:20:08 GMT
Server: Microsoft-IIS/8.5
Date: Sat, 19 Mar 2022 05:20:08 GMT
Access-Control-Max-Age: 1000
Access-Control-Allow-Methods: POST, GET, OPTIONS
Content-Type: image/gif
Access-Control-Allow-Origin: https://googleads.g.doubleclick.net
Cache-Control: private
Access-Control-Allow-Credentials: true
X-ET-Camp: 569
Access-Control-Allow-Headers: *
Expires: Mon, 26 Jul 1997 05:00:00 GMT

GET
H3 200 Enqz_20U.html Show response
tpc.googlesyndication.com/sodar/ Frame 2F7B 22 KB
8 KB 19ms
19ms Document
text/html 2a00:1450:4001:82a::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/UFYwWwmt.js

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:82a::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
cross-origin-resource-policy: cross-origin
cross-origin-opener-policy: same-origin; report-to="adspam-signals-scs"
report-to: {"group":"adspam-signals-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/adspam-signals-scs"}]}
timing-allow-origin: *
content-length: 8395
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
date: Thu, 17 Mar 2022 07:28:30 GMT
expires: Fri, 17 Mar 2023 07:28:30 GMT
cache-control: public, max-age=31536000
last-modified: Tue, 03 Mar 2020 20:15:00 GMT
content-type: text/html
age: 165098
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 createjs.min.js Show response
code.createjs.com/1.0.0/ Frame 7B71 236 KB
63 KB 79ms
28ms Script
text/javascript 2a02:26f0:fb::5f65:5922
AKAMAI-ASN1

General

Check archive.org

Show headers Download Go to

Full URL: https://code.createjs.com/1.0.0/createjs.min.js
Requested by: Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.html
Protocol: H2
Security: TLS 1.2, ECDHE_RSA, AES_256_GCM
Server: 2a02:26f0:fb::5f65:5922 Frankfurt am Main, Germany, ASN20940 (AKAMAI-ASN1, NL),
Reverse DNS
Software: Apache /
Resource Hash: e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Sat, 19 Mar 2022 05:20:08 GMT
content-encoding: gzip
server: Apache
cache-control: max-age=900
vary: Accept-Encoding
content-type: text/javascript
x-n: S
accept-ranges: bytes
expires: Sat, 19 Mar 2022 05:35:08 GMT

GET
H3 200 JAKO-O_Baby_C_728x90.js Show response
s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/ Frame 7B71 75 KB
14 KB 20ms
19ms Script
application/x-javascript 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.js

Requested by

Host: s0.2mdn.net
URL: https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7aaf74dd831a7f35b8842255d822ec35ced240cd3fb14b6992c0ff8c01fa212f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:40:36 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 401972
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14155
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 16:53:09 GMT
server: sffe
vary: Accept-Encoding
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: application/x-javascript
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Mar 2023 13:40:36 GMT

GET
H3 200 Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js Show response
pagead2.googlesyndication.com/bg/ Frame 2F7B 35 KB
14 KB 23ms
19ms Script
text/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Guojae3EGYR4c8nOY3QAJp6N_HyMY3qMC8IMY_l3vL8.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/Enqz_20U.html

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 22:15:24 GMT
content-encoding: br
x-content-type-options: nosniff
age: 371084
content-security-policy-report-only: require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/botguard-scs
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 13802
x-xss-protection: 0
last-modified: Mon, 14 Mar 2022 11:18:00 GMT
server: sffe
cross-origin-opener-policy: same-origin; report-to="botguard-scs"
vary: Accept-Encoding
report-to: {"group":"botguard-scs","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/botguard-scs"}]}
content-type: text/javascript
cache-control: public, max-age=31536000
accept-ranges: bytes
expires: Tue, 14 Mar 2023 22:15:24 GMT

GET
H3 200 Bild_01.jpg
s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/images/ Frame 7B71 15 KB
15 KB 20ms
19ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/images/Bild_01.jpg

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/html/r20220316/r20110914/zrt_lookup.html?fsb=1

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

83b6d918633248d433a072c4c0d1d918e89c3c0e5cd8d415202ab55b1bd66355

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:40:37 GMT
x-content-type-options: nosniff
age: 401971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 15503
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 16:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Mar 2023 13:40:37 GMT

POST
H3 200 view
googleads4.g.doubleclick.net/pcs/ Frame 1C64 0
23 B 57ms
30ms Ping
image/gif 142.250.185.194
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads4.g.doubleclick.net/pcs/view?xai=AKAOjsvjlyUjSGYRGA_SHU5EGeUlE_D3WOCuFnbd47T_Aj9mwd9H8gq3Ljw4pgpXuEbYxvz_6VIaP6Uj9LpvAaKbkMtNA6_NFmKhfIi5rb8M6V0OFSN5ZE7ljK1GSD2qkT334VPUrjn-RI_iINKF3dP858DV3mnO8iIep5Ep1xzhdEnspC1pE1V3sD7JgmWlw25mHs3OYTMuh_50o91zU0cEkl5NhS-nOfhdrlyurfM6Jx-d3WcnBcYe40Vn7YBQ_Eymg3-M0z3Ir_qklXiL5Rq-CQ2L3vitkRRVqI3fZp-AgB3t9LyaIxgen2C8uq7ZESLQGgVifP79B1eZy6vXB-DhNtRsahFbYfQ55Z36zZvq8K2Q0KIdQL82WIWYtuWjfDKrA3am6EdjACesLQEU7jsVKJSDscbfNhjYzbjdzX3lwEcReqnJmiXWR8VDiCShl9J0AjrT4ccPH3PqYhCx1gEx26AtO24RNJwAIgO-1J6U_QT4be2l1Ae4cIcamNfDMyGQpbHMHedXSXxLDA5-B8TmoD44563taIuaFt9hNJrgutoWgBBr8Ug6Rm23t3g8bhH9YeI-0QUlT0yY9BAzHLs4bYQeflb3r1GmxKM-KCYvPt3VMso_gxiOnToB6zvetsAc8vCxlzEjV2EMPnPt92mEfv5hctCY5QaOaTJ2hnnoToH4Quw0drkyb1yAtMXI5ZGtLtbGPK8uszEu3XErVRjbDreTs2e0kkrxMhnNVEIQFsYi5wDV5l6wGuELTgGApDMtK7rZ4XoPOrmKUCGNDErV1xWCE3evDmxpc8v4k_GpT5R-5d7SDZrKoZL3c85ZaFx7ijXgeHN3iz8OsorfPigyrsVjVsfX0S6k3UHXW1NHqv-Ju28ONkxe4B1A-ZECd1OA8lU8CwgGDXut7nQ_kW6q8GoKYxzGGH9EV8afPgI6fXambEExoL1QJfMcVo8ZoNDbvRxZD1b9at8vb1He95nBUv9iroFFou5oDx5QWLuNY1mhD8K4ItLrRpmU-MsPuQb-WiwgDJAjngz2NsZbjAgUynOD08AF6ODZLtaidyq3WEXnAuY2Htxo8ke6IYmFy9yvtmzL4IO38CoMonjKzC0rnvquDHbGc3m8r5jtz6ubXmGpdhVscw-vpCNzNYkWSggE_pBiT_Md5WXp7tyWnXuJhovO5CVKzSZiNClrDfG79wpZ3XsNwUsVBcKhbHxIgKJZUnE&sai=AMfl-YRXD6MD39qfU-ZQM_flaNfkwavrNm9EQWxtSCvRB8Xy2uzBikmosmouCLjCNRj-MIEo8Qlh1gJ1PBCdo6qgCPeBZ8HsTzaMal_w8q2oYXewdWxOr3Fdxv4laVjfiujBs3T_&sig=Cg0ArKJSzOu61GWTQgZfEAE&uach_m=[UACH]&cry=1&fbs_aeid=[gw_fbsaeid]&urlfix=1&omid=0&rm=1&ctpt=304&vt=11&dtpt=203&dett=3&cstd=98&cisv=r20220316.49867&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0.&adurl=

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

142.250.185.194 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra16s52-in-f2.1e100.net

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

timing-allow-origin: *
date: Sat, 19 Mar 2022 05:20:08 GMT
x-content-type-options: nosniff
accept-ch: Sec-CH-UA-Platform, Sec-CH-UA-Platform-Version, Sec-CH-UA-Arch, Sec-CH-UA-Model, Sec-CH-UA-Full-Version
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
server: cafe

GET
H3 200 Bild_02.jpg
s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/images/ Frame 7B71 32 KB
32 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/images/Bild_02.jpg

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

efba92db423529f9656c5477515b8bd5e01758dbc3360a450581fb3c29573525

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:40:37 GMT
x-content-type-options: nosniff
age: 401971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 33162
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 16:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Mar 2023 13:40:37 GMT

GET
H3 200 Bild_03.jpg
s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/images/ Frame 7B71 25 KB
25 KB 19ms
19ms Image
image/jpeg 2a00:1450:4001:829::2006
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/images/Bild_03.jpg

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:829::2006 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

382a2afffb21d2df63b4c25fa0fcc8b9da4f99f850b4f23cfbd7fe26474dca05

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://s0.2mdn.net/sadbundle/6686288770309816320/Baby_728x90/JAKO-O_Baby_C_728x90.html
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

date: Mon, 14 Mar 2022 13:40:37 GMT
x-content-type-options: nosniff
age: 401971
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 25560
x-xss-protection: 0
last-modified: Mon, 21 Feb 2022 16:53:09 GMT
server: sffe
report-to: {"group":"ads-doubleclick-media","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/ads-doubleclick-media"}]}
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
cross-origin-opener-policy-report-only: same-origin; report-to="ads-doubleclick-media"
expires: Tue, 14 Mar 2023 13:40:37 GMT

GET
H3 204 gen_204
pagead2.googlesyndication.com/pagead/ Frame 2F7B 0
20 B 55ms
55ms Image
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar&v=30&t=2&bgai=BsWiuCGg1YqODIsiH7_UPiqWtuAcAAAAAOAHgBAI&bg=!09Cl0JTNAAba2mK92to7ACkAdvg8WkD27IGzN5rsk1sI-xXpJzNYEFfyvpQMvwhzzz9dsF0m-DsVGgIAAABtUgAAAAJoAQcKAAjicSvKLC_BqZkDMlrtTHNSxFwZVsxqxlFOlUgPc2nk6JQJ1Yw45ZXu9kdu16b33iKedOtg3RCOg3Goe5UD75_eJfR5sgsWP2m-91RyuWVZhJtn7rmQv3HsEm1GHnToXQteSOnsEx027cenei6Bae0FuLgj3GcuHTjplbr6hlgI9WjNAAMMmP7vroz5VjofK__Jexol71bPGHlwsKsmUrEjSH6drXf1GiEgLYRujmnZGqn4PqkERq8nZIqiuP1PAxf5BbJAWq7jfKu-bSOTXREOVjrpu9P-RDRZJBkHZmoth9LAJ2348BAaT7qIY8qH4M4HkCnzv6f6fOXSRvEjNMQNbkcIMkGpur5aFKa5XQ_nQTNt9TPDovCDZkHN9iWF2oNi6NVzpS-KhlngbENBazc3y-k508URuXx7UDIIjOiRdishdwGaoVFN7dlQbRdF70nt8Bmx0MOsROFfeN91QfgcD2rE5oKFo0htaKZGWbCtrEZsDlqbPZi601zxEqGgGxNGmqG0my4TV3gBNJiWYCh2zhcPFrdV2Pdu968LIeKDpAX5WrFSrd_1NN_gPF-_col-UIg-DY3946Wezc_VnY1OgDR0xUj3yZxeiDq3bDt7pf7rFDv1r4pD4LU4Z0EuGReY8MJBrUTpXz0xfNpHi8NFF3Rc_DHvUOUgyrm6idTS2PkB0TBFxomh-rs3GnuTFV9W5j_UhEp5S-HxT_R-eKRXfQ5Ycv6PkgSDeV5YxQOfCkFKvhBYAvWvPEGY1R3yQ60mVYVYc4bkp9YTaiPT_j3Gv7dgGRdixUVloUYYmTQ4HEMLF7twkfDczsVpZT6d7x7MLQyzj36XPaxdyo3tZs5ZuLgk6vFzr5SuKBZS8YcJThHP9iF1Sni9qyJ4LcPn7XgEs6WEQNMo_mTSZRrK68jYTk-pvwnZZP59tlrstbii-fXyjTZvXECLE9OTZXp4jA52Cgb6vCuvYNF_2bhd_aVuy-zUDwv07U2_GfdJKf1jh2rzx8DoGZvqI3S7woETbsVEtpGvuBLb1WfWBs_lsvC7_qX5XrchT-JgJ6v3s6ZvXU5UqiyKPPgw4YOwoQUJBVHSRnjSESzwDlz1wSuZ

Requested by

Host: oknaforlife.ru
URL: https://oknaforlife.ru/

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 1C64 42 B
64 B 69ms
42ms Fetch
image/gif 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssri2FJU1vTiaNdqkC16yWrqaLnKYPVxVuk4sHF0z65YbyRsmZJS2R4hzJA88kbnspv7sH33xGVT2bebQ3am_fLyqLpU3yHbaff_83vKHKP-PwvJ3rqmw&sai=AMfl-YSOopvLrJCS72iLaL1358v8miUBSsMlrPbsQbU-06x6tlw3j213_CKOxx-jKHgxXboC_t30d8FpAM85&sig=Cg0ArKJSzDUNKWzgiJTiEAE&cid=CAASBORovQM&id=lidar2&mcvt=1000&p=0,0,90,728&mtos=438,938,1000,1000,1000&tos=438,500,62,0,0&v=20220316&bin=7&avms=nio&bs=0,0&mc=1&if=1&vu=1&app=0&itpl=20&adk=1812271801&rs=2&la=0&cr=0&uach=WyIiLCIiLCIiLCIiLCIiLFtdLG51bGwsbnVsbCwiIixbXV0%3D&vs=4&r=v&rst=1647667208526&rpt=379&met=mue&wmsd=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Accept-Language: de-DE,de;q=0.9
Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:09 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

POST
H2 200 56921500 Show response
mc.yandex.com/webvisor/ 43 B
145 B 253ms
43ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56921500?wmode=0&wv-part=1&wv-hit=956707004&page-url=https%3A%2F%2Foknaforlife.ru%2F&rn=584916187&wv-type=3&browser-info=bt%3A1%3Agdpr%3A14%3Aet%3A1647667211%3Aw%3A1600x1200%3Av%3A760%3Az%3A0%3Ai%3A20220319052010%3Au%3A1647667208218611687%3Avf%3A7oivoclvhnsftt6hmgv%3Awe%3A1%3Ast%3A1647667211&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oknaforlife.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:11 GMT
last-modified: Sat, 19-Mar-2022 05:20:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://oknaforlife.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 19-Mar-2022 05:20:11 GMT

POST
H2 200 56921500 Show response
mc.yandex.com/webvisor/ 43 B
73 B 43ms
43ms XHR
image/gif 2a02:6b8::1:119
YNDX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.com/webvisor/56921500?wmode=0&wv-part=1&wv-hit=956707004&page-url=https%3A%2F%2Foknaforlife.ru%2F&rn=659213915&wv-type=3&browser-info=gdpr%3A14%3Aet%3A1647667211%3Aw%3A1600x1200%3Av%3A760%3Az%3A0%3Ai%3A20220319052011%3Au%3A1647667208218611687%3Avf%3A7oivoclvhnsftt6hmgv%3Awe%3A1%3Ast%3A1647667211&t=gdpr(14)ti(2)

Requested by

Host: mc.yandex.ru
URL: https://mc.yandex.ru/metrika/tag.js

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (YNDX, FI),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Xss-Protection	1; mode=block

Request headers

Referer: https://oknaforlife.ru/
Accept-Language: de-DE,de;q=0.9
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
Content-Type: text/plain

Response headers

pragma: no-cache
date: Sat, 19 Mar 2022 05:20:11 GMT
last-modified: Sat, 19-Mar-2022 05:20:11 GMT
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: https://oknaforlife.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 43
x-xss-protection: 1; mode=block
expires: Sat, 19-Mar-2022 05:20:11 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain: oknaforlife.ru
URL: https://oknaforlife.ru/sFaQ0wZ4C.js

Domain: advego.com
URL: https://advego.com/

Domain: webhost1.ru
URL: https://webhost1.ru/?r=47552

Verdicts & Comments Add Verdict or Comment

154 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

40 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
oknaforlife.ru/	1969-12-31 23:59:59	Name: flat_r_mb Value: %2F%2F%2F%3Adirect
.oknaforlife.ru/	1970-01-20 11:02:43	Name: __gads Value: ID=34db3b6094b4211b-228321d661cd0051:T=1647667207:RT=1647667207:S=ALNI_MZiqZPebN-TCzBkCK7qfmLk8GBEnQ
.oknaforlife.ru/	1970-01-20 10:26:43	Name: _ym_uid Value: 1647667208218611687
.oknaforlife.ru/	1970-01-20 10:26:43	Name: _ym_d Value: 1647667208
.oknaforlife.ru/	1969-12-31 23:59:59	Name: surfer_uuid Value: 6f1c00b0-d898-478c-814c-69202a59d4f9
.oknaforlife.ru/	1969-12-31 23:59:59	Name: la_page_depth Value: %7B%22last%22%3A%22https%3A%2F%2Foknaforlife.ru%2F%22%2C%22depth%22%3A1%7D
.oknaforlife.ru/	1969-12-31 23:59:59	Name: page_load_uuid Value: 4e7b7e8d-89ad-4cda-bc6f-8a55d8959c5f
.mc.yandex.com/	1970-01-20 01:41:07	Name: sync_cookie_csrf Value: 2106897605fake
.oknaforlife.ru/	1970-01-20 01:42:19	Name: _ym_isad Value: 2
.mc.yandex.ru/	1970-01-20 01:41:07	Name: sync_cookie_csrf Value: 564503932fake
.yandex.com/	1970-01-20 10:26:43	Name: yandexuid Value: 6250755851647667208
.yandex.com/	1970-01-20 10:26:43	Name: yuidss Value: 6250755851647667208
mc.yandex.com/	1969-12-31 23:59:59	Name: yabs-sid Value: 1294978311647667208
.yandex.com/	1970-01-23 17:17:07	Name: i Value: R6AVltlBSSK9SZr4Oikt1WiBd+7mtyweRaxiQ0rwgw7UD3m/fE0+55NJO5fa0Yi65p06EQUP0BYde3JYx3D0Q1Foswc=
.yandex.com/	1970-01-20 10:26:43	Name: ymex Value: 1679203208.yrts.1647667208#1679203208.yrtsi.1647667208
.oknaforlife.ru/	1970-01-20 01:41:09	Name: _ym_visorc Value: w
.doubleclick.net/	1970-01-20 11:02:43	Name: IDE Value: AHWqTUnNfe5ESqwTAFAL2mtJsB9SUj8xfyi5gWJFz1OIRoLz8wawf12yA79XLo3xH6c
.ad.admitad.com/	1970-01-20 19:12:19	Name: UID Value: v=3\|id=ed94930b1b1dab1baaf9aa3870cf8112\|expr=1710739208\|type=0\|business_expr=1650259208
.ad.admitad.com/	1969-12-31 23:59:59	Name: UID2 Value: v=3\|id=ed94930b1b1dab1baaf9aa3870cf8112\|expr=1710739208\|type=0\|business_expr=1650259208
.casalemedia.com/	1970-01-20 03:50:43	Name: CMPS Value: 3186
.casalemedia.com/	1970-01-20 01:42:33	Name: CMST Value: YjVoCGI1aAgA
.adnxs.com/	1970-01-20 03:50:43	Name: anj Value: dTM7k!M41.D>6NRF']wIg2C$Gd@X!'!]tbPl1M>e)ZlrFUfJ+tGXxo]U$oFLQT`#BD>AHa^Esq29vFW?YLqpV[y]26bpRzqF1`*b]jX)jXMi
.adnxs.com/	1970-01-20 03:50:43	Name: uuid2 Value: 8073518875569908476
.casalemedia.com/	1970-01-20 10:26:43	Name: CMID Value: YjVoCE6e0tlXb13hVqJ4pQAA
.casalemedia.com/	1970-01-20 03:50:43	Name: CMPRO Value: 1104
m.exactag.com/	1970-01-20 03:50:43	Name: exactag_new_gk Value: 3146ffe452c5480c80128f415027e4c6%7c18.05.2022+05%3a20%3a08
m.exactag.com/	1970-01-20 06:00:19	Name: exactag_new_uk Value: 7b0bb735ef2a4637b59d9005fe740c97%7c
m.exactag.com/	1969-12-31 23:59:59	Name: session_session Value: 1bf09e5a16cc4ef0ab2e6a24
.casalemedia.com/	1970-01-20 10:26:43	Name: CMRUM3 Value: 2d623568082760CAESEKdI31dfixrmvL_COAo9Oow
.aliexpress.com/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=1ek1kgkro3g6b&acs_rt=efb7f7b7d1ea4e0f80ee6a0d3a322c65
.aliexpress.com/	1970-02-13 22:12:30	Name: aeu_cid Value: b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH
.aliexpress.com/	1970-01-20 03:50:43	Name: xman_t Value: Fk+9U7YsO46qZLecmBj9/WJOEop1GrHTTxnjnbaK9pnKoF6WKPBqAAVaX53qyq4Y
.aliexpress.com/	1970-02-13 22:12:30	Name: xman_f Value: 4wQoFoaQ8okVHS/TdF70RX5D9TsPxxY7ykkL+xwdNKVwT8g7nrNuSBtySZUJTZd8Asek5O6chKJdVI29GwJO/i11UTXAumLYyNh2YN9d87IoHiwL1U607w==
.aliexpress.com/	1970-02-13 22:12:30	Name: af_ss_a Value: 1
.aliexpress.ru/	1969-12-31 23:59:59	Name: acs_usuc_t Value: x_csrf=hsoxlt69_e5q&acs_rt=1b724ccfbb644018b1fc87c28666ec44
.aliexpress.ru/	1970-01-20 03:50:43	Name: xman_t Value: SccDGDqsZD00Ihfbe8ZQ3pdTts1gt066TEZ20B1HnNREErwEmZ19GUtPcVEPKg4k
.aliexpress.com/	1970-02-13 22:12:30	Name: xman_us_f Value: x_l=0&acs_rt=efb7f7b7d1ea4e0f80ee6a0d3a322c65&x_as_i=%7B%22aeuCID%22%3A%22b07582248b644e678ab69bcef0c5686a-1647667209414-07651-_dSydzZH%22%2C%22affiliateKey%22%3A%22_dSydzZH%22%2C%22channel%22%3A%22AFFILIATE%22%2C%22cv%22%3A%221%22%2C%22isCookieCache%22%3A%22N%22%2C%22ms%22%3A%221%22%2C%22pid%22%3A%22818320463%22%2C%22tagtime%22%3A1647667209414%7D
.aliexpress.ru/	1970-02-13 22:12:30	Name: xman_f Value: UPWExG5o3kg56d8fe3A6NIYyb26wEFXQYpVvpi28UNDMbC/Z6ccCgP9WqbbXxrPrCvkd7WX74DmAArrGBb94n48Okv+3kj96L1GngLkW6XslEfhXhKNCqw==
.aliexpress.ru/	1970-02-13 22:12:30	Name: xman_us_f Value: x_locale=ru_RU&x_l=0&x_c_chg=1&acs_rt=efb7f7b7d1ea4e0f80ee6a0d3a322c65
.aliexpress.ru/	1970-02-13 22:12:30	Name: aep_usuc_f Value: site=rus&c_tp=EUR&region=DE&b_locale=ru_RU

8 Console Messages

A page may trigger messages to the console to be logged. These are often error messages about being unable to load a resource or execute a piece of JavaScript. Sometimes they also provide insight into the technology behind a website.

Source	Level	URL Text
network	error	URL: https://mc.yandex.com/sync_cookie_image_decide?token=9582.X4geT3qDtdBleriH2_iO9CTMJHR8VAhCOxeNxT3TpedEKhV1l_ZgNsyzr1v3bMzO8jUvNuETjPguo1nrm3ZjIA%2C%2C.FR0OQZT-2u11epTfh7hJWcAMdbA%2C Message: Failed to load resource: the server responded with a status of 400 ()
network	error	Message: The script resource is behind a redirect, which is disallowed.
network	error	URL: https://www.miralinks.ru/users/registration/from:255537 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://www.aviasales.ru/?marker=229555 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://advego.com/ Message: Failed to load resource: net::ERR_HTTP2_PROTOCOL_ERROR
network	error	URL: https://www.etxt.ru/?r=anakot2010 Message: Failed to load resource: the server responded with a status of 503 ()
network	error	URL: https://hostiq.ua/clients/aff.php?aff=381 Message: Failed to load resource: the server responded with a status of 403 ()
network	error	URL: https://text.ru/nikmaz Message: Failed to load resource: the server responded with a status of 404 ()

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

ad.admitad.com
adminvps.ru
adservice.google.com
adservice.google.de
advego.com
ajax.googleapis.com
alfabank.ru
allpositions.ru
aviasales.ru
beget.com
best.aliexpress.ru
bigreal.org
cm.g.doubleclick.net
code.createjs.com
dsum-sec.casalemedia.com
fonts.googleapis.com
fonts.gstatic.com
fozzy.com
googleads.g.doubleclick.net
googleads4.g.doubleclick.net
hostiq.ua
ib.adnxs.com
iexqhm.com
intelcentre.ru
kwork.ru
letyshops.com
login.aliexpress.com
login.aliexpress.ru
m.exactag.com
mc.yandex.com
mc.yandex.ru
my.adminvps.ru
oknaforlife.ru
pagead2.googlesyndication.com
partner.googleadservices.com
s.click.aliexpress.com
s0.2mdn.net
static20.online
text.ru
timeweb.com
tpc.googlesyndication.com
webhost1.ru
webmaster.leads.su
www.aviasales.ru
www.etxt.ru
www.gogetlinks.net
www.googletagservices.com
www.gstatic.com
www.hostland.ru
www.hts.ru
www.miralinks.ru
www.reg.ru
www.rookee.ru
advego.com
oknaforlife.ru
webhost1.ru
104.111.216.213
116.202.164.135
142.250.184.226
142.250.185.194
142.250.186.130
159.69.75.12
178.248.232.86
185.106.81.236
185.203.72.141
185.26.122.131
185.26.99.247
190.115.31.9
193.168.47.253
193.233.15.88
2.18.234.21
217.12.104.100
2606:4700:10::6814:33a1
2606:4700:10::6816:24bf
2606:4700:10::6816:3c96
2606:4700:20::681a:cc8
2a00:1450:4001:803::2002
2a00:1450:4001:808::2002
2a00:1450:4001:810::200a
2a00:1450:4001:827::2002
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:829::2006
2a00:1450:4001:82a::2001
2a00:1450:4001:82b::2003
2a00:1450:4001:830::200a
2a00:1450:400e:800::2002
2a00:f940:4::8
2a02:26f0:fb::5f65:5922
2a02:6b8::1:119
2a03:6f00:1:2::5c35:746b
37.252.173.62
45.130.41.15
45.130.41.21
5.187.5.24
5.253.61.60
62.128.97.25
62.128.97.7
62.76.25.28
78.110.50.108
85.14.248.91
87.236.16.42
89.208.226.140
93.171.200.41
93.171.200.6
93.171.200.70
01caf20e667c8e300960582162f912d9405e9895c32cff1a9ee95511fd509a2c
020df39c81cfb633912beba136394d0a5ca8f936d149468784dd28e79bebf509
027fcac8e0143549f857677eb19cc7d9359cb996b8b68064d378cb4b9f98a250
02fa69ebbe36e119dc76cb03d0cead1d658ebda20d1f1a76752f1056da74f72c
053508cc4ed1acf7db8ed96deca42ffebfa1669c5cecd62f4415b926d07b5aaa
0b8a20373c6dd04e091902226d922b3688143a8938afb9d283d889de7b55ceb5
0ce5fc08d0f617e71e1d61bcd79fc7cc1855f4221945b0c09ac774685fe7f52c
0eaeadb58e6995ba85eccb6198aaef77eeb1d4b66699e4e1f3fc10eb6adfcdb9
105dade1b61fc4b1ddde45c3b8bccba4a2c308cc0b63edb76e73e7bc659a6932
127ab3ff6d14112ae6aa40b68d9d3144748eda08efbc60a48a5be0555cf8622b
130a43cca1bff95cb9ddbf237d8a1eacb1bffc24e946906b3724b96c80b3e3c9
13d20ed0ea0cea46cbf945f675dd52eff111575d8af95eecb45e3491e1f76e08
14f17e5a9922761162f13a1ebe6cf4bf53cac2d3b3041b941ae3f40f32ae6fba
1aea2369edc419847873c9ce637400269e8dfc7c8c637a8c0bc20c63f977bcbf
1baa8dfef83f71cf0101b5badfbf838b90ab295238253e9664086a6cb6debe18
1e046a89bb90f44dadb24f5fdfbe412b5f6d320b790f7317fad956b193234726
21061765237c66c10b48e236063a3497c22d33629e98f8654d1a3b860fa48700
28f18d39406a4b70dfa6cd479fe03f7ed918ca5c05cee26b87d9e1626cea1ed9
382a2afffb21d2df63b4c25fa0fcc8b9da4f99f850b4f23cfbd7fe26474dca05
3ceb7ae66d6b147bb7bc7a7ff2f1ccd8ac00810d2ff71d31784c787eeb214bc1
3d138b2397bc5493f655d6851c415468642419de9f335de648093c8d8a1d407c
3f220f3495c96b51b282b05e390230202c948611867f2841cdf8ac30f7fdd427
3f886200e3899fa1735262a8febab9d7700724b45ad857992bca7875b83de675
40aa7f405097c72998c85b480b8df7d7b905b5f0a3751892032358c18cd74ade
4a18b0faf6a447454e134730303202f8416b72f1d4f744b1d3b4646636240eb7
4b5b6b15c6255109e06720cce42a06d3aead8b7874423d9c52cb0303212c25ef
4d45982f2dc34f36c9045ee46a75a1943666bb7fd64e103cac8c7429e7012840
5056305b09ad6474ea540f796c79be51d6b8e96043cb3d7bc4ef774e56765f4f
540bc6dec1dd4b92ea4d3fb903f69eabf6d919afd48f4e312b163c28cff0f441
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
5c4a713ee4250851232be9f9f68d41586be39b299528cfc7266e0b0e7e582e1b
5faf35ef984a9608bfb1b898f477b401899df014c17bae6f6a44ca540bad3a0d
616e113ac0e195d35243fd45637644b809d0247347d8483ab4e65d73f80c02d5
6491cb19959bce444b9952b5514d725d2ceceb52ab171edfbccfcafcbe675b9e
68026f99511fbc5c2275b7068b5fac19797d638977ffb9db12c5c1523614c18f
68a74a74c220c0fc309cd27ba582285f5df81d8fa011bd71f145c23e12e5f5fe
71348f4f38512af6e6ba8062fe5545a783f91d1a07bcb300c246f1bad9b0d4b6
7793aca0f8c146134a0096ea8c91a340a2c997bfd593613f09d955065e0faf96
7a487d46a028c374c609924015d8c7ef6dd28b613a3739aa97ed2080984775bb
7aaf74dd831a7f35b8842255d822ec35ced240cd3fb14b6992c0ff8c01fa212f
7b29adb9fb1a4c336ec3b6bc909840f41416fecc9126cec31e17fb680116d0c0
7cb47f56d6d8f8829f831bf4f1132b2e0d848b0289dc69179c0407b931f89b28
808d7bc203908d943ccac89a8d805b4a9649bbb2e8bdda0e0395b5e8dc77cf00
829f231f055f828b1fb3357c6e7a5ac7949285948ae27ecaf41f1b3bb25dad24
8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434
83b6d918633248d433a072c4c0d1d918e89c3c0e5cd8d415202ab55b1bd66355
8a9abd30808e6387e54e53cb874e3feac92d1e0d474746405acd7db18a519f65
8dd3b91ca60e6a0486326c5c275590dd1d753240c2efa9f94730815813997fee
90b39bf449018b6b090e1f0568253da93a29441b9170926c5c82868a5f072faf
969c79a3c215a2ed73aaa37db73760829786444b7ca9cde3cdc0c898c1779797
9ff367082be1d94abc86ad1e75ff921cc5d53846e860267372fade66305f9120
a0a4ef0785ba4ad33ed14b2d92ac886eec34a2de3d35ad5207063c26064f3416
a23e44d9d02a2a9641a9bd3b47693656054c00b71890aed2fa7fc90151750f73
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
a4cc8248c65b1d5277d920cd0aaadaf2d0b0aeb2c31c3078171127866ad304b7
a808bb05c364a7238c41674e310abcfc6632f844eed30cb285ead21877c8263c
a85e78997dc0eb8063a75aa245c223a8fbe65936d9aa0d908ba51b7d50f7ab21
ab7475d461d9f613ef90faa375ec3387987dd7536af23c13cacd6be9c0c0e370
afe0dcfca292a0fae8bce08a48c14d3e59c9d82c6052ab6d48a22ecc6c48f277
b1442e85b03bdcaf66dc58c7abb98745dd2687d86350be9a298a1d9382ac849b
b6dcc1490a0cc33cdeed8970677b89bbec6fa095675af198b8e923b64563c70a
b75dd77b606aedc55bafd7ff855105060fe9840a83083ce1180b91e9b457ccd6
ba5c75008a133ef73a0eb980a0c37c168b6bd5db7279a90105697670440eeedf
bc68a3e6e6f0074ff46c18beea2033fc4e8c6ee513dc0617758f45e2bdd8b88a
cc29d9f69561a08175e5ce7d2b503dbb202b5a3b6a77e80ceb3830cd9640c1e0
cc46322d5c4d41da447f26f7fa714827f2ec9a112968c12ef5736c7494985eca
cd7c7f4e6d4b0a2edb7c4bf64e9ba4333e2fd5f520db57e41652bd322e688d78
d072a09604e6a1fea8ef42203503771aa36b63a3c91fd1059966e26e6f5812b3
d15c82df5c2fe55ff8c2184e00eb57948111e5e6dd6bd9c3bb765986b9b4b2a9
d2a4d131bd14a3fa0e89f5dc3fb1c387b0b64e00d93d7709f20972f36dbb2c07
dda25938bf92e7f6d68a825fb2f11ab6256bbd6a6aacdb382569b3d2ebee9dfc
dfd6d929422d1f69a727fb6b525f610562eab183a333576516bec0b0503cb049
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e439bebf8de2df0582273906d2c1dceff2387c661efb2152ef1c28420ce4e7e5
eafe160c631fe12e8295a70b1f984d23fe9a988f47c3768683927c69554e6b0e
ecc2e585ea072abb205881f3aad6f36e92d556537e7100a8a128ddbc75edb436
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
efba92db423529f9656c5477515b8bd5e01758dbc3360a450581fb3c29573525
f34bb7d9c8f2db0e78e5d7b226bc169182f8c22e7cd1a3e7b5767519b709c1bc
f70d2f899dcdb336642ade442596b9786c4fe4a98e0a7489dbce7a648d6a67aa
f72fee40ff0cb60502cf88fccb827d5b2a74e80844282c5fd333191a797bd9be
f805b10542de28f6b4addcf10942a15ababbef0748d7fa7c78e6312234a06ab7
fb61ac11c864bf22608d0a21011536a89de048a06b2fd89337a15959673309d6

oknaforlife.ru Open in urlscan Pro 87.236.16.42 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Page Title

Page URL History Show full URLs

Detected technologies

Page Statistics

120 Requests

78 %HTTPS

38 %IPv6

44 Domains

53 Subdomains

46 IPs

7 Countries

1367 kBTransfer

3450 kBSize

40 Cookies

4 Outgoing links

Page URL History

Redirected requests

120 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 7 data transactions

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

oknaforlife.ru Open in urlscan Pro
87.236.16.42 Public Scan

Screenshot
Live screenshot

Full Image

120
Requests

78 %
HTTPS

38 %
IPv6

44
Domains

53
Subdomains

46
IPs

7
Countries

1367 kB
Transfer

3450 kB
Size

40
Cookies

120 HTTP transactions
7 data transactions