povorotnetuda.ru Open in urlscan Pro
87.236.16.107  Public Scan

11 Outgoing links

These are links going to different origins than the main page.

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Search URL Search Domain Scan URL

---

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 51

• https://mc.yandex.com/sync_cookie_image_check HTTP 302
• https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9266.MTxVGuZNXQ_BZwkc68yJgPmptE3gr12RTpMj4QCAwIMksSfhDcDSte6Ze4n09hFv.nLRmR-WPB1chwEWYbhHS2GqcFfo%2C HTTP 302
• https://mc.yandex.com/sync_cookie_image_decide?token=9266.Y5TF7X8ZxSswMYnpYL71Z-ae0aNa-rSCqcg6xdfnB5vY7e8oCTeVqVSzbnYQBdeL9rT4qcxYadwcigtTYMOOkg%2C%2C.qYLo2vG2ahCzCRi0Jq-9lUYg9nY%2C

Request Chain 55

• https://mc.yandex.com/watch/31361493?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A138141547974%3Ahid%3A972590676%3Az%3A120%3Ai%3A20210507155738%3Aet%3A1620395858%3Ac%3A1%3Arn%3A725433135%3Au%3A1620395858194914867%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620395857418%3Ads%3A0%2C113%2C192%2C1%2C0%2C0%2C%2C238%2C4%2C%2C%2C%2C548%3Adsn%3A0%2C112%2C193%2C0%2C0%2C0%2C%2C241%2C5%2C%2C%2C%2C548%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620395858%3At%3A HTTP 302
• https://mc.yandex.com/watch/31361493/1?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A138141547974%3Ahid%3A972590676%3Az%3A120%3Ai%3A20210507155738%3Aet%3A1620395858%3Ac%3A1%3Arn%3A725433135%3Au%3A1620395858194914867%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620395857418%3Ads%3A0%2C113%2C192%2C1%2C0%2C0%2C%2C238%2C4%2C%2C%2C%2C548%3Adsn%3A0%2C112%2C193%2C0%2C0%2C0%2C%2C241%2C5%2C%2C%2C%2C548%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620395858%3At%3A

Request Chain 56

• https://mc.yandex.com/watch/31051446?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A0%3Als%3A144817181955%3Ahid%3A972590676%3Az%3A120%3Ai%3A20210507155738%3Aet%3A1620395858%3Ac%3A1%3Arn%3A202753135%3Au%3A1620395858194914867%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620395857418%3Ads%3A0%2C113%2C192%2C1%2C0%2C0%2C%2C238%2C4%2C%2C%2C%2C548%3Adsn%3A0%2C112%2C193%2C0%2C0%2C0%2C%2C241%2C5%2C%2C%2C%2C548%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620395858%3At%3A HTTP 302
• https://mc.yandex.com/watch/31051446/1?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A0%3Als%3A144817181955%3Ahid%3A972590676%3Az%3A120%3Ai%3A20210507155738%3Aet%3A1620395858%3Ac%3A1%3Arn%3A202753135%3Au%3A1620395858194914867%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620395857418%3Ads%3A0%2C113%2C192%2C1%2C0%2C0%2C%2C238%2C4%2C%2C%2C%2C548%3Adsn%3A0%2C112%2C193%2C0%2C0%2C0%2C%2C241%2C5%2C%2C%2C%2C548%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620395858%3At%3A

67 HTTP transactions Everything HTML Script AJAX CSS Image Expand all
3 data transactions

Method Protocol	Status	Resource Path	Size x-fer	Time Latency	Type MIME-Type	IP Location
GET H2	404	Primary Request login.php Show response povorotnetuda.ru/	35 KB 8 KB	305ms 192ms	Document text/html	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / PHP/5.6.40 Resource Hash e3d1b2ba4625a92027069cdbfb473fa982a95579be8f0f17183502b71b8e278c Request headers :method GET :authority povorotnetuda.ru :scheme https :path /login.php pragma no-cache cache-control no-cache upgrade-insecure-requests 1 user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 accept text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 sec-fetch-site none sec-fetch-mode navigate sec-fetch-user ?1 sec-fetch-dest document accept-encoding gzip, deflate, br accept-language en-US Upgrade-Insecure-Requests 1 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers server nginx-reuseport/1.13.4 date Fri, 07 May 2021 13:57:37 GMT content-type text/html; charset=UTF-8 vary Accept-Encoding x-powered-by PHP/5.6.40 x-pingback https://xn--80adgd3bebafnxcn.xn--p1ai/xmlrpc.php expires Wed, 11 Jan 1984 05:00:00 GMT cache-control no-cache, must-revalidate, max-age=0 pragma no-cache content-encoding gzip
GET H2	200	easy-modal-site.css xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/easy-modal/assets/styles/	1 KB 676 B	58ms 56ms	Stylesheet text/css	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/easy-modal/assets/styles/easy-modal-site.css?ver=0.1 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 5f626d986cb2b012e03225573f87ce60ecb1a44c997a24032cf905482faef82b Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:14:55 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a69f-496" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	styles.css xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/contact-form-7/includes/css/	1 KB 663 B	58ms 56ms	Stylesheet text/css	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/contact-form-7/includes/css/styles.css?ver=4.2.1 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 96f1810d96a208f1b98ce9ba49368fcb9b8334105e87554602275b978c2c170a Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:14:55 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a69f-44f" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	slick.css xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/	6 KB 1 KB	58ms 56ms	Stylesheet text/css	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick.css?ver=1.2.3 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 00528942400593edaa03cdca6778bec9fbf267df70aff9d0fad6f9d180207628 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:00 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a4-16a4" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	slick-slider-style.css xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/	8 KB 1 KB	58ms 57ms	Stylesheet text/css	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/css/slick-slider-style.css?ver=1.2.3 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 229e5c85f951e93a5447f7dd03f9cfe9c1c5e5b3a6f34cca22b5da8f54075b86 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:00 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a4-205e" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	jquery.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-includes/js/jquery/	94 KB 33 KB	60ms 58ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-includes/js/jquery/jquery.js?ver=1.11.2 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 9b1b195900c079b2a8859cb8ded918d2e179c49fbb2a3aab3491e68d33fbaa54 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:04 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a8-176d0" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	jquery-migrate.min.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-includes/js/jquery/	7 KB 3 KB	60ms 58ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-includes/js/jquery/jquery-migrate.min.js?ver=1.2.1 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 1e67d8dbcca1f6fd94e077c85c2fb40fa1c2756c99238daa8da882144260a68d Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:04 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a8-1c1f" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	slick.min.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/	39 KB 10 KB	60ms 58ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/wp-slick-slider-and-image-carousel/assets/js/slick.min.js?ver=1.2.3 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 56bab4312d57027e314de1d04483d708d95ffc1433d568d37af426d4106c7907 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:00 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a4-9d02" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	jquery.reveal.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/js/	5 KB 2 KB	60ms 58ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/js/jquery.reveal.js Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash a27c246df6c64b929864ef626f370de4654c126f7bd4328542896e9474bfb084 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:02 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a6-139e" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	style.css xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/	31 KB 7 KB	58ms 56ms	Stylesheet text/css	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 0933e0c550e23364476c44047c0d7e52ff94b1bbe680f66f92bf4eb2a65584e1 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:00 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a4-7a46" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	jquery-ui.min.js Show response code.jquery.com/ui/1.12.1/	248 KB 66 KB	10ms 9ms	Script application/javascript	2001:4de0:ac18::1:a:1a HIGHWINDS3
General Check archive.org Show headers Download Go to Full URL https://code.jquery.com/ui/1.12.1/jquery-ui.min.js Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2001:4de0:ac18::1:a:1a , Netherlands, ASN20446 (HIGHWINDS3, US), Reverse DNS Software nginx / Resource Hash 55accff7b642c2d7a402cbe03c1494c0f14a76bc03dee9d47d219562b6a152a5 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Wed, 14 Sep 2016 16:34:16 GMT server nginx etag W/"57d97c08-3dee4" vary Accept-Encoding x-hw 1620395857.dop205.fr8.t,1620395857.cds243.fr8.hn,1620395857.cds151.fr8.c content-type application/javascript; charset=utf-8 access-control-allow-origin * cache-control max-age=315360000, public accept-ranges bytes content-length 67751
GET H2	200	bg-adr.png povorotnetuda.ru/wp-content/themes/povorot/i/	3 KB 3 KB	62ms 57ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://povorotnetuda.ru/wp-content/themes/povorot/i/bg-adr.png Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 15a6b347a9b93f8c94848ee620184cd4a893c6238a7267aa380a1c9d69a5a8e7 Request headers :path /wp-content/themes/povorot/i/bg-adr.png pragma no-cache cookie jv_temp_sess_enter_ts_xA6QUWUgQ5=%7B%22val%22%3A1620395857436%2C%22expire%22%3A1620439057436%7D; jv_temp_visits_count_xA6QUWUgQ5=%7B%22val%22%3A1%2C%22expire%22%3A1651952809437%7D; jv_store_xA6QUWUgQ5_client_xA6QUWUgQ5=%7B%22jv_sess_id%22%3Anull%2C%22client_id%22%3Anull%2C%22pa_id%22%3Anull%2C%22is_introduced%22%3Afalse%2C%22client_info%22%3A%7B%22client_name%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22description%22%3Anull%7D%2C%22cw_call%22%3A%7B%22status%22%3Afalse%2C%22error%22%3Afalse%7D%2C%22cw_call_enabled%22%3Afalse%2C%22cw_call_delayed%22%3Afalse%2C%22cw_call_delayed_status%22%3Anull%2C%22cw_call_delayed_periods%22%3A%5B%5D%2C%22cw_call_delayed_tz%22%3Anull%2C%22department_id%22%3Anull%2C%22evaluate%22%3Afalse%2C%22last_message%22%3Anull%2C%22has_integration%22%3Afalse%2C%22utm%22%3A%7B%22campaign%22%3A%22(direct)%22%2C%22source%22%3A%22(direct)%22%2C%22medium%22%3Anull%2C%22keyword%22%3Anull%2C%22content%22%3Anull%7D%2C%22visitorId%22%3A%228cd9a4b3f9e455b8%22%2C%22avatar_url%22%3Anull%2C%22display_name%22%3Anull%2C%22assigned_agent_id%22%3Anull%2C%22user_token%22%3Anull%2C%22activeWebRTCCallMessageId%22%3Anull%2C%22webRTCCallStatus%22%3Anull%7D; jv_history_xA6QUWUgQ5=%5B%7B%22url%22%3A%22http%3A%2F%2Fpovorotnetuda.ru%2F%22%2C%22title%22%3A%22%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%8B%20%D1%81%D0%B2%D0%B5%D1%80%D0%BD%D1%83%D1%82%D1%8C%20%D0%BF%D0%BE%D0%B4%20%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%89%D0%B0%D1%8E%D1%89%D0%B8%D0%B9%20%D0%B7%D0%BD%D0%B0%D0%BA%3F%22%2C%22time%22%3A1620395857438%7D%5D; _fbp=fb.1.1620395857598.960851736 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority povorotnetuda.ru referer https://povorotnetuda.ru/login.php :scheme https sec-fetch-site same-origin :method GET Referer https://povorotnetuda.ru/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:00 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a4-a57" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2647 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	404	psychotherapy.jpg povorotnetuda.ru/i/	5 KB 5 KB	167ms 162ms	Image text/html	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://povorotnetuda.ru/i/psychotherapy.jpg Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / PHP/5.6.40 Resource Hash cd68a6ccb6fa272288142ff7cb41b6693a0ce0fe5ff0819de0ab83668a8bf5d4 Request headers :path /i/psychotherapy.jpg pragma no-cache cookie jv_temp_sess_enter_ts_xA6QUWUgQ5=%7B%22val%22%3A1620395857436%2C%22expire%22%3A1620439057436%7D; jv_temp_visits_count_xA6QUWUgQ5=%7B%22val%22%3A1%2C%22expire%22%3A1651952809437%7D; jv_store_xA6QUWUgQ5_client_xA6QUWUgQ5=%7B%22jv_sess_id%22%3Anull%2C%22client_id%22%3Anull%2C%22pa_id%22%3Anull%2C%22is_introduced%22%3Afalse%2C%22client_info%22%3A%7B%22client_name%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22description%22%3Anull%7D%2C%22cw_call%22%3A%7B%22status%22%3Afalse%2C%22error%22%3Afalse%7D%2C%22cw_call_enabled%22%3Afalse%2C%22cw_call_delayed%22%3Afalse%2C%22cw_call_delayed_status%22%3Anull%2C%22cw_call_delayed_periods%22%3A%5B%5D%2C%22cw_call_delayed_tz%22%3Anull%2C%22department_id%22%3Anull%2C%22evaluate%22%3Afalse%2C%22last_message%22%3Anull%2C%22has_integration%22%3Afalse%2C%22utm%22%3A%7B%22campaign%22%3A%22(direct)%22%2C%22source%22%3A%22(direct)%22%2C%22medium%22%3Anull%2C%22keyword%22%3Anull%2C%22content%22%3Anull%7D%2C%22visitorId%22%3A%228cd9a4b3f9e455b8%22%2C%22avatar_url%22%3Anull%2C%22display_name%22%3Anull%2C%22assigned_agent_id%22%3Anull%2C%22user_token%22%3Anull%2C%22activeWebRTCCallMessageId%22%3Anull%2C%22webRTCCallStatus%22%3Anull%7D; jv_history_xA6QUWUgQ5=%5B%7B%22url%22%3A%22http%3A%2F%2Fpovorotnetuda.ru%2F%22%2C%22title%22%3A%22%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%8B%20%D1%81%D0%B2%D0%B5%D1%80%D0%BD%D1%83%D1%82%D1%8C%20%D0%BF%D0%BE%D0%B4%20%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%89%D0%B0%D1%8E%D1%89%D0%B8%D0%B9%20%D0%B7%D0%BD%D0%B0%D0%BA%3F%22%2C%22time%22%3A1620395857438%7D%5D; _fbp=fb.1.1620395857598.960851736 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority povorotnetuda.ru referer https://povorotnetuda.ru/login.php :scheme https sec-fetch-site same-origin :method GET Referer https://povorotnetuda.ru/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 07 May 2021 13:57:37 GMT server nginx-reuseport/1.13.4 x-powered-by PHP/5.6.40 x-pingback https://xn--80adgd3bebafnxcn.xn--p1ai/xmlrpc.php content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	404	horror.jpg povorotnetuda.ru/i/	35 KB 35 KB	264ms 259ms	Image text/html	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://povorotnetuda.ru/i/horror.jpg Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / PHP/5.6.40 Resource Hash e3d1b2ba4625a92027069cdbfb473fa982a95579be8f0f17183502b71b8e278c Request headers :path /i/horror.jpg pragma no-cache cookie jv_temp_sess_enter_ts_xA6QUWUgQ5=%7B%22val%22%3A1620395857436%2C%22expire%22%3A1620439057436%7D; jv_temp_visits_count_xA6QUWUgQ5=%7B%22val%22%3A1%2C%22expire%22%3A1651952809437%7D; jv_store_xA6QUWUgQ5_client_xA6QUWUgQ5=%7B%22jv_sess_id%22%3Anull%2C%22client_id%22%3Anull%2C%22pa_id%22%3Anull%2C%22is_introduced%22%3Afalse%2C%22client_info%22%3A%7B%22client_name%22%3Anull%2C%22phone%22%3Anull%2C%22email%22%3Anull%2C%22description%22%3Anull%7D%2C%22cw_call%22%3A%7B%22status%22%3Afalse%2C%22error%22%3Afalse%7D%2C%22cw_call_enabled%22%3Afalse%2C%22cw_call_delayed%22%3Afalse%2C%22cw_call_delayed_status%22%3Anull%2C%22cw_call_delayed_periods%22%3A%5B%5D%2C%22cw_call_delayed_tz%22%3Anull%2C%22department_id%22%3Anull%2C%22evaluate%22%3Afalse%2C%22last_message%22%3Anull%2C%22has_integration%22%3Afalse%2C%22utm%22%3A%7B%22campaign%22%3A%22(direct)%22%2C%22source%22%3A%22(direct)%22%2C%22medium%22%3Anull%2C%22keyword%22%3Anull%2C%22content%22%3Anull%7D%2C%22visitorId%22%3A%228cd9a4b3f9e455b8%22%2C%22avatar_url%22%3Anull%2C%22display_name%22%3Anull%2C%22assigned_agent_id%22%3Anull%2C%22user_token%22%3Anull%2C%22activeWebRTCCallMessageId%22%3Anull%2C%22webRTCCallStatus%22%3Anull%7D; jv_history_xA6QUWUgQ5=%5B%7B%22url%22%3A%22http%3A%2F%2Fpovorotnetuda.ru%2F%22%2C%22title%22%3A%22%D0%93%D0%BE%D1%82%D0%BE%D0%B2%D1%8B%20%D1%81%D0%B2%D0%B5%D1%80%D0%BD%D1%83%D1%82%D1%8C%20%D0%BF%D0%BE%D0%B4%20%D0%B7%D0%B0%D0%BF%D1%80%D0%B5%D1%89%D0%B0%D1%8E%D1%89%D0%B8%D0%B9%20%D0%B7%D0%BD%D0%B0%D0%BA%3F%22%2C%22time%22%3A1620395857438%7D%5D; _fbp=fb.1.1620395857598.960851736 accept-encoding gzip, deflate, br accept-language en-US user-agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 sec-fetch-mode no-cors accept image/avif,image/webp,image/apng,image/svg+xml,image/*,*/*;q=0.8 cache-control no-cache sec-fetch-dest image :authority povorotnetuda.ru referer https://povorotnetuda.ru/login.php :scheme https sec-fetch-site same-origin :method GET Referer https://povorotnetuda.ru/login.php User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 07 May 2021 13:57:38 GMT server nginx-reuseport/1.13.4 x-powered-by PHP/5.6.40 x-pingback https://xn--80adgd3bebafnxcn.xn--p1ai/xmlrpc.php content-type text/html; charset=UTF-8 cache-control no-cache, must-revalidate, max-age=0 expires Wed, 11 Jan 1984 05:00:00 GMT
GET H2	200	core.min.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-includes/js/jquery/ui/	4 KB 2 KB	56ms 56ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-includes/js/jquery/ui/core.min.js?ver=1.11.4 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 191622240e7646a2e888eb318557bcca854828b59b5b2e960545ee08ae142382 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:04 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a8-f9d" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	position.min.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-includes/js/jquery/ui/	6 KB 3 KB	56ms 56ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-includes/js/jquery/ui/position.min.js?ver=1.11.4 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 7a3eca6361c114ba5ac314cbd4397f9e0329ec9fc5f5845e7a14800d469a19ec Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:04 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a8-1959" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	jquery.transit.min.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/easy-modal/assets/scripts/	8 KB 3 KB	61ms 55ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/easy-modal/assets/scripts/jquery.transit.min.js?ver=0.9.11 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash b259de534ce1ec151a383c5cfbc69f8fc568399e0d400b60f2d9534d072c76e0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:14:55 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a69f-1e9b" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	easy-modal-site.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/easy-modal/assets/scripts/	22 KB 4 KB	61ms 57ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/easy-modal/assets/scripts/easy-modal-site.js?defer&ver=2 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 1fdcbc103efd36c93cec22826c56503704e3f4ea9defe97c43521c562d6ce140 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:14:55 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a69f-5756" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	jquery.form.min.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/contact-form-7/includes/js/	15 KB 6 KB	61ms 56ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/contact-form-7/includes/js/jquery.form.min.js?ver=3.51.0-2014.06.20 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash c90f0e501d2948fbc2b61bffd654fa4ab64741fd48923782419eeb14d3816fb8 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:14:55 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a69f-3b90" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	scripts.js Show response xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/contact-form-7/includes/js/	11 KB 3 KB	61ms 56ms	Script application/x-javascript	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/plugins/contact-form-7/includes/js/scripts.js?ver=4.2.1 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 3dbc832de930e5b39820c0fc94f59c8c89b134dbbe02c7e4dc31aeda65d604de Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:14:55 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a69f-2bc0" vary Accept-Encoding content-type application/x-javascript cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	conversion.js Show response www.googleadservices.com/pagead/	43 KB 17 KB	88ms 34ms	Script text/javascript	172.217.23.98 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googleadservices.com/pagead/conversion.js Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 172.217.23.98 , United States, ASN15169 (GOOGLE, US), Reverse DNS fra16s45-in-f2.1e100.net Software cafe / Resource Hash 8719e7caa8c8992a1d546c7a38c708d4929dd04bde1be9381def52752fd2a97f Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip x-content-type-options nosniff p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 16618 x-xss-protection 0 server cafe etag 786077497703709746 vary Accept-Encoding content-type text/javascript; charset=UTF-8 cache-control private, max-age=3600 timing-allow-origin * expires Fri, 07 May 2021 13:57:37 GMT
GET H2	200	gtm.js Show response www.googletagmanager.com/	82 KB 32 KB	23ms 18ms	Script application/javascript	2a00:1450:4001:811::2008 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.googletagmanager.com/gtm.js?id=GTM-MGB2QLK Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:811::2008 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Google Tag Manager / Resource Hash e98acdbbb6b063691a35ff24b01ee3bbc439bbec4dc2e133d600489b6102b9d0 Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains X-Xss-Protection 0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding br vary Accept-Encoding cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 33012 x-xss-protection 0 last-modified Fri, 07 May 2021 12:00:00 GMT server Google Tag Manager strict-transport-security max-age=31536000; includeSubDomains content-type application/javascript; charset=UTF-8 access-control-allow-origin * cache-control private, max-age=900 access-control-allow-credentials true access-control-allow-headers Cache-Control expires Fri, 07 May 2021 13:57:37 GMT
GET H2	200	rtrg vk.com/	49 B 445 B	65ms 61ms	Image image/gif	87.240.139.194 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://vk.com/rtrg?r=ACp6bZsn5RPbXyYFaDHivYndeIUXq6PgCX4hjh5WBWNfnZILDY**960qdG03*Hn8KTyYbJNOTfzfv0S*kPQW4c5bvFm8NdqcNW277Vk57jwaQwZphnsorM2FEHrn3Vxx8TWuwWWHqBpui7VDzNonqLfS8TWnobVbe5Nk648QBXU-&pixel_id=1000095817 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU), Reverse DNS srv194-139-240-87.vk.com Software kittenx / KPHP/7.4.107054 Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip x-frontend front609305 server kittenx x-powered-by KPHP/7.4.107054 strict-transport-security max-age=15768000 content-type image/gif access-control-expose-headers X-Frontend cache-control no-store content-length 65
GET H2	200	fbevents.js Show response connect.facebook.net/en_US/	92 KB 24 KB	25ms 21ms	Script application/x-javascript	2a03:2880:f008:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/en_US/fbevents.js Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a517525b8a7d39bcaf1cf5f9695c5be8fce7a6b920a3924c1a4f70e8ea748c05 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 23959 x-fb-rlafr 0 pragma public x-fb-debug a4W/wj6vx/GzmvTwq+gr1fuQ+tRoafQTNAXYI+C2ZPJnomQ02IPoPRh6nGF2JK2a3YSOAEU12U4YdhOromRu2Q== x-fb-trip-id 19638678 x-frame-options DENY date Fri, 07 May 2021 13:57:37 GMT strict-transport-security max-age=31536000; preload; includeSubDomains content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	openapi.js Show response vk.com/js/api/	100 KB 22 KB	95ms 95ms	Script application/x-javascript	87.240.139.194 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Full URL https://vk.com/js/api/openapi.js?160 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU), Reverse DNS srv194-139-240-87.vk.com Software kittenx / Resource Hash 25fe45f80deb3a5943695bb19674ddaf60340575dd353fd3b2d227fb62a7e42b Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding br x-frontend front609305 last-modified Wed, 21 Apr 2021 15:16:58 GMT server kittenx etag "608041ea-5800" content-type application/x-javascript access-control-expose-headers X-Frontend cache-control max-age=345600 content-length 22528 expires Tue, 11 May 2021 13:57:37 GMT
GET H2	200	bg-head3.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	733 KB 734 KB	58ms 57ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/bg-head3.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 77272949e068ee9459287f707d250a93da595992b051605f4bd72de432cc0f1f Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:01 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a5-b73fa" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 750586 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	200	fran.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	2 KB 2 KB	59ms 58ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/fran.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash b128bad7626d4fa6c496eecbdcf0bbd7c77753c8767867fb1709af0a5a000e73 Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:01 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a5-82f" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2095 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	200	bg-prise.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	1 KB 2 KB	57ms 56ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/bg-prise.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 02c4639cfcedda1fb2353d2ca7cd4597f7eac7012042411c9faa22caecbedde5 Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:01 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a5-5b6" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 1462 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	200	logo2.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	48 KB 49 KB	59ms 57ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/logo2.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 7c57d6bb233afec5de2620f1aae77ee4764d4089021e30ec1f4029dffbeaf32a Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:02 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a6-c165" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 49509 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	200	style.css xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/	31 KB 31 KB	57ms 56ms	Image text/css	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip last-modified Thu, 26 Apr 2018 10:15:00 GMT server nginx-reuseport/1.13.4 etag W/"5ae1a6a4-7a46" vary Accept-Encoding content-type text/css cache-control max-age=604800 expires Fri, 14 May 2021 13:57:37 GMT
GET H2	200	mail_icon.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	2 KB 2 KB	59ms 58ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/mail_icon.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 977315eedf53531b879f0b2e8104d85fbf75742043bc5c10b90fdd76278a8b65 Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:02 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a6-841" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 2113 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	200	vk.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	1 KB 2 KB	57ms 56ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/vk.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash e0d79b1d24d974bd3b5adc50a4ebe5a6e8c24a11a1761f3d7e982f64bb8688b0 Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:02 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a6-557" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 1367 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	200	in.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	2 KB 2 KB	57ms 56ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/in.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 15eeae30bff8a86e63fa76d27b556ab4059cb4313e4d33cb9fee0293364bbc90 Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:02 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a6-78e" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 1934 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	200	bg-nav.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	178 KB 179 KB	59ms 57ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/bg-nav.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash ef3162728f25f19aecdd2eb12279035869b10d78cb6875f5692c2d8bc6c8414c Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:01 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a5-2c9eb" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 182763 expires Sun, 06 Jun 2021 13:57:37 GMT
GET H2	200	bg-foot1.png xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/	491 KB 492 KB	58ms 57ms	Image image/png	87.236.16.107 BEGET-AS
General Check archive.org Show headers Download Go to Show image Full URL https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/i/bg-foot1.png Requested by Host: xn--80adgd3bebafnxcn.xn--p1ai URL: https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.236.16.107 , Russian Federation, ASN198610 (BEGET-AS, RU), Reverse DNS ssl.spectre.beget.com Software nginx-reuseport/1.13.4 / Resource Hash 3fa6f131c82ce0a6b6647b746d78a14cff411a72a72027244e62b52bfdf1c846 Request headers Referer https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/style.css User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Thu, 26 Apr 2018 10:15:01 GMT server nginx-reuseport/1.13.4 etag "5ae1a6a5-7ab35" content-type image/png cache-control max-age=2592000 accept-ranges bytes content-length 502581 expires Sun, 06 Jun 2021 13:57:37 GMT
GET		BebasBold.woff xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/fonts/BebasBold/	0 0
GET		BebasRegular.woff xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/fonts/BebasRegular/	0 0
GET H3-29	200	1484479458276977 Show response connect.facebook.net/signals/config/	254 KB 72 KB	22ms 22ms	Script application/x-javascript	2a03:2880:f008:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/1484479458276977?v=2.9.39&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash dd052d575957f7d321a98d99c1ac60d54fec29f543a81c380605edb95fca3082 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 74005 x-fb-rlafr 0 pragma public x-fb-debug uFdiSuYz1OQUp9R3+aPob+Hbdp++RyKIuxw586Q6/OhcXqgLdunuAlzMPccBFEXE2ajNxWTuBnHMoQ+28ybzVA== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 07 May 2021 13:57:37 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H2	200	analytics.js Show response www.google-analytics.com/	48 KB 19 KB	7ms 5ms	Script text/javascript	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/analytics.js Requested by Host: www.googletagmanager.com URL: https://www.googletagmanager.com/gtm.js?id=GTM-MGB2QLK Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 2cb09c7b3e19bfc41743ca3624ef81c3258d56525647feac76aa757e0292627a Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers strict-transport-security max-age=10886400; includeSubDomains; preload content-encoding gzip x-content-type-options nosniff last-modified Fri, 09 Apr 2021 23:59:54 GMT server Golfe2 age 1661 date Fri, 07 May 2021 13:29:56 GMT vary Accept-Encoding content-type text/javascript cache-control public, max-age=7200 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 19569 expires Fri, 07 May 2021 15:29:56 GMT
POST H3-29	200	collect Show response www.google-analytics.com/j/	2 B 22 B	13ms 13ms	XHR text/plain	2a00:1450:4001:80e::200e GOOGLE
General Check archive.org Show headers Download Go to Full URL https://www.google-analytics.com/j/collect?v=1&_v=j90&a=439143918&t=pageview&_s=1&dl=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&ul=en-us&de=UTF-8&sd=24-bit&sr=1600x1200&vp=1600x1200&je=0&_u=YEBAAAABAAAAAC~&jid=837765373&gjid=1006898735&cid=1012695808.1620395858&tid=UA-114395671-1&_gid=1364317098.1620395858&_r=1&gtm=2wg4s0MGB2QLK&z=344222071 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a00:1450:4001:80e::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash de3246094525b21a870fc7d2a67490d0132535c6fa5993755c549f1a9d1bd8af Security Headers Name Value X-Content-Type-Options nosniff Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache date Fri, 07 May 2021 13:57:37 GMT x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 content-type text/plain access-control-allow-origin https://povorotnetuda.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 2 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	watch.js Show response mc.yandex.ru/metrika/	123 KB 43 KB	51ms 49ms	Script application/javascript	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.ru/metrika/watch.js Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 0dc25fa3b32fcdcb0c8d6960ce7a9ec11627d8769d78a0fcc5c8d06a8a4a757d Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding br last-modified Fri, 30 Apr 2021 17:14:07 GMT etag "608a4fd7-abe7" strict-transport-security max-age=31536000 content-type application/javascript access-control-allow-origin * cache-control max-age=3600 content-length 44007 expires Fri, 07 May 2021 14:57:37 GMT
GET H2	200	rtrg vk.com/	49 B 363 B	62ms 61ms	Image image/gif	87.240.139.194 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://vk.com/rtrg?r=dXFGie9CR452uSxruIv/nRb*5/zzAbm/nJ10PttNevHlmM1oOjvYbYhbf7NvqYB6UWxzZtKiAo9KssttyE7wJQaRPZ4*eC*hCOcr2FG0MulF6fq3Os8vHtelZ83GX3xpXOtpt0/QL1f8tZ5mPMfWp2DjR/YiS5w*5d5OPD2SCTw- Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU), Reverse DNS srv194-139-240-87.vk.com Software kittenx / KPHP/7.4.107054 Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip x-frontend front609305 server kittenx x-powered-by KPHP/7.4.107054 strict-transport-security max-age=15768000 content-type image/gif access-control-expose-headers X-Frontend cache-control no-store content-length 65
GET H3-29	200	688232001310482 Show response connect.facebook.net/signals/config/	254 KB 72 KB	22ms 22ms	Script application/x-javascript	2a03:2880:f008:8:face:b00c:0:1 FACEBOOK
General Check archive.org Show headers Download Go to Full URL https://connect.facebook.net/signals/config/688232001310482?v=2.9.39&r=stable Requested by Host: connect.facebook.net URL: https://connect.facebook.net/en_US/fbevents.js Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f008:8:face:b00c:0:1 Milan, Italy, ASN32934 (FACEBOOK, US), Reverse DNS Software / Resource Hash a236a43883e55479a2c5b6e18dda928d4b9ade7687c09b0842a7c751e3c2a601 Security Headers Name Value Content-Security-Policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; Strict-Transport-Security max-age=31536000; preload; includeSubDomains X-Content-Type-Options nosniff X-Frame-Options DENY X-Xss-Protection 0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers content-security-policy default-src facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com data: blob: 'self';script-src *.fbcdn.net *.facebook.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.net *.facebook.net fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com;connect-src *.fbcdn.net *.facebook.net attachment.fbsbx.com blob: 'self';block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c; content-encoding gzip x-content-type-options nosniff x-xss-protection 0 cross-origin-resource-policy cross-origin alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 content-length 74002 x-fb-rlafr 0 pragma public x-fb-debug PX+/QuhmPAhlrHyoS0FBo4+UQ/Qjhw1frJHjcgwlXOGT+Bhi4KHjvzwqOrJQxF1jicW3GwxyLvabHHFe/vBXVg== cross-origin-embedder-policy-report-only require-corp;report-to="coep_report" cross-origin-opener-policy same-origin-allow-popups x-frame-options DENY date Fri, 07 May 2021 13:57:37 GMT strict-transport-security max-age=31536000; preload; includeSubDomains report-to {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]} content-type application/x-javascript; charset=utf-8 vary Accept-Encoding cache-control public, max-age=1200 priority u=3,i expires Sat, 01 Jan 2000 00:00:00 GMT
GET H3-29	200	/ www.facebook.com/tr/	44 B 88 B	21ms 21ms	Image image/gif	2a03:2880:f108:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1484479458276977&ev=PageView&dl=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&rl=&if=false&ts=1620395857946&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620395857598.960851736&it=1620395857899&coo=false&exp=l1&rqm=GET Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Fri, 07 May 2021 13:57:37 GMT
POST H2	200	collect Show response stats.g.doubleclick.net/j/	1 B 85 B	34ms 34ms	XHR text/plain	2a00:1450:400c:c04::9d GOOGLE
General Check archive.org Show headers Download Go to Full URL https://stats.g.doubleclick.net/j/collect?t=dc&aip=1&_r=3&v=1&_v=j90&tid=UA-114395671-1&cid=1012695808.1620395858&jid=837765373&gjid=1006898735&_gid=1364317098.1620395858&_u=YEBAAAAAAAAAAC~&z=1157379730 Requested by Host: www.google-analytics.com URL: https://www.google-analytics.com/analytics.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:400c:c04::9d Brussels, Belgium, ASN15169 (GOOGLE, US), Reverse DNS Software Golfe2 / Resource Hash 6b86b273ff34fce19d6b804eff5a3f5747ada4eaa22f1d49c01e52ddb7875b4b Security Headers Name Value Strict-Transport-Security max-age=10886400; includeSubDomains; preload X-Content-Type-Options nosniff Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Content-Type text/plain Response headers pragma no-cache strict-transport-security max-age=10886400; includeSubDomains; preload x-content-type-options nosniff last-modified Sun, 17 May 1998 03:00:00 GMT server Golfe2 date Fri, 07 May 2021 13:57:37 GMT content-type text/plain access-control-allow-origin https://povorotnetuda.ru cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true cross-origin-resource-policy cross-origin alt-svc h3=":443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 1 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ Show response googleads.g.doubleclick.net/pagead/viewthroughconversion/970697919/	2 KB 1 KB	17ms 17ms	Script text/javascript	2a00:1450:4001:801::2002 GOOGLE
General Check archive.org Show headers Download Go to Full URL https://googleads.g.doubleclick.net/pagead/viewthroughconversion/970697919/?random=1620395857961&cv=9&fst=1620395857961&num=1&guid=ON&resp=GooglemKTybQhCsO&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&ig=1&frm=0&url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&hn=www.googleadservices.com&rfmt=3&fmt=4 Requested by Host: www.googleadservices.com URL: https://www.googleadservices.com/pagead/conversion.js Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:801::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash c0315495e45a67b1f71b619c7ccda4abe14fac36f7c04cbc723c5da1b4e5be48 Security Headers Name Value X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 07 May 2021 13:57:37 GMT content-encoding gzip x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR" cache-control no-cache, must-revalidate cross-origin-resource-policy cross-origin content-disposition attachment; filename="f.txt" content-type text/javascript; charset=UTF-8 alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 980 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H3-29	200	/ www.facebook.com/tr/	44 B 88 B	22ms 21ms	Image image/gif	2a03:2880:f108:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1484479458276977&ev=PixelInitialized&dl=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&rl=&if=false&ts=1620395857985&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620395857598.960851736&it=1620395857899&coo=false&exp=l1&rqm=GET Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Fri, 07 May 2021 13:57:37 GMT
GET H3-29	200	/ www.facebook.com/tr/	44 B 88 B	22ms 22ms	Image image/gif	2a03:2880:f108:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=688232001310482&ev=PixelInitialized&dl=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&rl=&if=false&ts=1620395857986&sw=1600&sh=1200&v=2.9.39&r=stable&ec=0&o=30&fbp=fb.1.1620395857598.960851736&it=1620395857899&coo=false&exp=l1&rqm=GET Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:37 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Fri, 07 May 2021 13:57:37 GMT
GET H2	200	/ www.google.com/pagead/1p-user-list/970697919/	42 B 108 B	21ms 21ms	Image image/gif	2a00:1450:4001:808::2004 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.com/pagead/1p-user-list/970697919/?random=1620395857961&cv=9&fst=1620392400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&fmt=3&is_vtc=1&random=2139371599&resp=GooglemKTybQhCsO&rmt_tld=0&ipr=y Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:808::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 07 May 2021 13:57:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	/ www.google.de/pagead/1p-user-list/970697919/	42 B 108 B	19ms 19ms	Image image/gif	2a00:1450:4001:829::2003 GOOGLE
General Check archive.org Show headers Download Go to Show image Full URL https://www.google.de/pagead/1p-user-list/970697919/?random=1620395857961&cv=9&fst=1620392400000&num=1&guid=ON&eid=2505059651&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_his=2&u_tz=120&u_java=false&u_nplug=0&u_nmime=0&sendb=1&frm=0&url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&fmt=3&is_vtc=1&random=2139371599&resp=GooglemKTybQhCsO&rmt_tld=1&ipr=y Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_128_GCM Server 2a00:1450:4001:829::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US), Reverse DNS Software cafe / Resource Hash ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629 Security Headers Name Value Content-Security-Policy script-src 'none'; object-src 'none' X-Content-Type-Options nosniff X-Xss-Protection 0 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 07 May 2021 13:57:38 GMT x-content-type-options nosniff server cafe timing-allow-origin * p3p policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC" cache-control no-cache, no-store, must-revalidate cross-origin-resource-policy cross-origin content-security-policy script-src 'none'; object-src 'none' content-type image/gif alt-svc h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43" content-length 42 x-xss-protection 0 expires Fri, 01 Jan 1990 00:00:00 GMT
GET H2	200	rtrg vk.com/	49 B 363 B	60ms 60ms	Image image/gif	87.240.139.194 VKONTAKTE-SPB-AS ...
General Check archive.org Show headers Download Go to Show image Full URL https://vk.com/rtrg?p=VK-RTRG-330758-dl7Me&metatag_url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 87.240.139.194 , Russian Federation, ASN47541 (VKONTAKTE-SPB-AS http://vk.com, RU), Reverse DNS srv194-139-240-87.vk.com Software kittenx / KPHP/7.4.107054 Resource Hash 2f561b02a49376e3679acd5975e3790abdff09ecbadfa1e1858c7ba26e3ffcef Security Headers Name Value Strict-Transport-Security max-age=15768000 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:38 GMT content-encoding gzip x-frontend front609305 server kittenx x-powered-by KPHP/7.4.107054 strict-transport-security max-age=15768000 content-type image/gif access-control-expose-headers X-Frontend cache-control no-store content-length 65
GET		BebasBold.ttf xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/fonts/BebasBold/	0 0
GET H2	400	sync_cookie_image_decide mc.yandex.com/ Redirect Chain https://mc.yandex.com/sync_cookie_image_check https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9266.MTxVGuZNXQ_BZwkc68yJgPmptE3gr12RTpMj4QCAwIMksSfhDcDSte6Ze4n09hFv.nLRmR-WPB1chwEWYbhHS2GqcFfo%2C https://mc.yandex.com/sync_cookie_image_decide?token=9266.Y5TF7X8ZxSswMYnpYL71Z-ae0aNa-rSCqcg6xdfnB5vY7e8oCTeVqVSzbnYQBdeL9rT4qcxYadwcigtTYMOOkg%2C%2C.qYLo2vG2ahCzCRi0Jq-9lUYg9nY%2C	75 B 75 B	52ms 52ms	Image text/html	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/sync_cookie_image_decide?token=9266.Y5TF7X8ZxSswMYnpYL71Z-ae0aNa-rSCqcg6xdfnB5vY7e8oCTeVqVSzbnYQBdeL9rT4qcxYadwcigtTYMOOkg%2C%2C.qYLo2vG2ahCzCRi0Jq-9lUYg9nY%2C Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8398a026313c016324f186d1c9b24a46813109d4bc5477d910a683079cbf1434 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Xss-Protection 1; mode=block Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:38 GMT strict-transport-security max-age=31536000 content-length 75 x-xss-protection 1; mode=block content-type text/html; charset=utf-8 Redirect headers location https://mc.yandex.com/sync_cookie_image_decide?token=9266.Y5TF7X8ZxSswMYnpYL71Z-ae0aNa-rSCqcg6xdfnB5vY7e8oCTeVqVSzbnYQBdeL9rT4qcxYadwcigtTYMOOkg%2C%2C.qYLo2vG2ahCzCRi0Jq-9lUYg9nY%2C date Fri, 07 May 2021 13:57:38 GMT strict-transport-security max-age=31536000 x-xss-protection 1; mode=block
GET		BebasRegular.ttf xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/fonts/BebasRegular/	0 0
GET H2	200	advert.gif mc.yandex.com/metrika/	43 B 136 B	49ms 49ms	Image image/gif	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Show image Full URL https://mc.yandex.com/metrika/advert.gif Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87 Security Headers Name Value Strict-Transport-Security max-age=31536000 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:38 GMT last-modified Fri, 30 Apr 2021 17:14:07 GMT etag "608a4fd7-2b" strict-transport-security max-age=31536000 content-type image/gif access-control-allow-origin * cache-control max-age=3600 accept-ranges bytes content-length 43 expires Fri, 07 May 2021 14:57:38 GMT
GET H2	200	xA6QUWUgQ5 Show response code.jivosite.com/script/widget/	17 KB 6 KB	5121ms 5120ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/script/widget/xA6QUWUgQ5 Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash fcab264e99079508ea218caaa0be0185340c2558353ad024b183ed46d633d682 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-id fr5-up-gc37 date Fri, 07 May 2021 13:57:43 GMT content-encoding br access-control-allow-origin * x-shard fr5-shard0-default_443 x-geo-shard ya content-length 5968 last-modified Tue, 27 Apr 2021 13:20:29 GMT server nginx etag "60880f9d-1750" vary Accept-Encoding content-type application/javascript via 1.1 sharxy cache-control max-age=7200 cache MISS accept-ranges bytes expires Fri, 07 May 2021 15:57:43 GMT
GET H2	200	1 Show response mc.yandex.com/watch/31361493/ Redirect Chain https://mc.yandex.com/watch/31361493?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-... https://mc.yandex.com/watch/31361493/1?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Aut...	184 B 215 B	56ms 56ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/31361493/1?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A138141547974%3Ahid%3A972590676%3Az%3A120%3Ai%3A20210507155738%3Aet%3A1620395858%3Ac%3A1%3Arn%3A725433135%3Au%3A1620395858194914867%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620395857418%3Ads%3A0%2C113%2C192%2C1%2C0%2C0%2C%2C238%2C4%2C%2C%2C%2C548%3Adsn%3A0%2C112%2C193%2C0%2C0%2C0%2C%2C241%2C5%2C%2C%2C%2C548%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620395858%3At%3A Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 8735e92b5feadb262b74ea3084cc6fb579120a280396e5d10c66895173393618 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 07 May 2021 13:57:38 GMT x-content-type-options nosniff last-modified Fri, 07-May-2021 13:57:38 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://povorotnetuda.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 184 x-xss-protection 1; mode=block expires Fri, 07-May-2021 13:57:38 GMT Redirect headers pragma no-cache date Fri, 07 May 2021 13:57:38 GMT last-modified Fri, 07-May-2021 13:57:38 GMT location /watch/31361493/1?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A1%3Adp%3A0%3Als%3A138141547974%3Ahid%3A972590676%3Az%3A120%3Ai%3A20210507155738%3Aet%3A1620395858%3Ac%3A1%3Arn%3A725433135%3Au%3A1620395858194914867%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620395857418%3Ads%3A0%2C113%2C192%2C1%2C0%2C0%2C%2C238%2C4%2C%2C%2C%2C548%3Adsn%3A0%2C112%2C193%2C0%2C0%2C0%2C%2C241%2C5%2C%2C%2C%2C548%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620395858%3At%3A strict-transport-security max-age=31536000 access-control-allow-origin https://povorotnetuda.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Fri, 07-May-2021 13:57:38 GMT
GET H2	200	1 Show response mc.yandex.com/watch/31051446/ Redirect Chain https://mc.yandex.com/watch/31051446?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-... https://mc.yandex.com/watch/31051446/1?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Aut...	184 B 293 B	49ms 49ms	XHR application/json	2a02:6b8::1:119 YANDEX
General Check archive.org Show headers Download Go to Full URL https://mc.yandex.com/watch/31051446/1?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A0%3Als%3A144817181955%3Ahid%3A972590676%3Az%3A120%3Ai%3A20210507155738%3Aet%3A1620395858%3Ac%3A1%3Arn%3A202753135%3Au%3A1620395858194914867%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620395857418%3Ads%3A0%2C113%2C192%2C1%2C0%2C0%2C%2C238%2C4%2C%2C%2C%2C548%3Adsn%3A0%2C112%2C193%2C0%2C0%2C0%2C%2C241%2C5%2C%2C%2C%2C548%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620395858%3At%3A Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU), Reverse DNS Software / Resource Hash 309335fbb91309606e55fc7f28c76b979c62ecb99d0f9e4d7b75d574962deb16 Security Headers Name Value Strict-Transport-Security max-age=31536000 X-Content-Type-Options nosniff X-Xss-Protection 1; mode=block Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 07 May 2021 13:57:38 GMT x-content-type-options nosniff last-modified Fri, 07-May-2021 13:57:38 GMT strict-transport-security max-age=31536000 content-type application/json; charset=utf-8 access-control-allow-origin https://povorotnetuda.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true content-length 184 x-xss-protection 1; mode=block expires Fri, 07-May-2021 13:57:38 GMT Redirect headers pragma no-cache date Fri, 07 May 2021 13:57:38 GMT last-modified Fri, 07-May-2021 13:57:38 GMT location /watch/31051446/1?wmode=7&page-url=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3Abx1nzewshzamry4%3Afp%3A464%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A504%3Acn%3A2%3Adp%3A0%3Als%3A144817181955%3Ahid%3A972590676%3Az%3A120%3Ai%3A20210507155738%3Aet%3A1620395858%3Ac%3A1%3Arn%3A202753135%3Au%3A1620395858194914867%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1620395857418%3Ads%3A0%2C113%2C192%2C1%2C0%2C0%2C%2C238%2C4%2C%2C%2C%2C548%3Adsn%3A0%2C112%2C193%2C0%2C0%2C0%2C%2C241%2C5%2C%2C%2C%2C548%3Arqnl%3A1%3Aadb%3A2%3Ati%3A2%3Ast%3A1620395858%3At%3A strict-transport-security max-age=31536000 access-control-allow-origin https://povorotnetuda.ru cache-control private, no-cache, no-store, must-revalidate, max-age=0 access-control-allow-credentials true x-xss-protection 1; mode=block expires Fri, 07-May-2021 13:57:38 GMT
GET H3-29	200	/ www.facebook.com/tr/	44 B 88 B	21ms 21ms	Image image/gif	2a03:2880:f108:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=1484479458276977&ev=Microdata&dl=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&rl=&if=false&ts=1620395859449&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=2&o=30&fbp=fb.1.1620395857598.960851736&it=1620395857899&coo=false&es=automatic&tm=3&exp=l1&rqm=GET Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:39 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Fri, 07 May 2021 13:57:39 GMT
GET H3-29	200	/ www.facebook.com/tr/	44 B 88 B	21ms 21ms	Image image/gif	2a03:2880:f108:83:face:b00c:0:25de FACEBOOK
General Check archive.org Show headers Download Go to Show image Full URL https://www.facebook.com/tr/?id=688232001310482&ev=Microdata&dl=https%3A%2F%2Fpovorotnetuda.ru%2Flogin.php&rl=&if=false&ts=1620395859488&cd[DataLayer]=%5B%5D&cd[Meta]=%7B%22title%22%3A%22%22%2C%22meta%3Adescription%22%3A%22%22%2C%22meta%3Akeywords%22%3A%22%22%7D&cd[OpenGraph]=%7B%7D&cd[Schema.org]=%5B%5D&cd[JSON-LD]=%5B%5D&sw=1600&sh=1200&v=2.9.39&r=stable&ec=1&o=30&fbp=fb.1.1620395857598.960851736&it=1620395857899&coo=false&es=automatic&tm=3&exp=l1&rqm=GET Protocol H3-29 Security QUIC, , AES_128_GCM Server 2a03:2880:f108:83:face:b00c:0:25de Milan, Italy, ASN32934 (FACEBOOK, US), Reverse DNS Software proxygen-bolt / Resource Hash 10d8d42d73a02ddb877101e72fbfa15a0ec820224d97cedee4cf92d571be5caa Security Headers Name Value Strict-Transport-Security max-age=31536000; includeSubDomains Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers date Fri, 07 May 2021 13:57:39 GMT last-modified Fri, 21 Dec 2012 00:00:01 GMT server proxygen-bolt strict-transport-security max-age=31536000; includeSubDomains content-type image/gif cache-control no-cache, must-revalidate, max-age=0 cross-origin-resource-policy cross-origin content-length 44 alt-svc h3-29=":443"; ma=3600,h3-27=":443"; ma=3600 priority u=3,i expires Fri, 07 May 2021 13:57:39 GMT
GET H2	200	xA6QUWUgQ5 Show response code.jivosite.com/script/widget/config/	2 KB 878 B	46ms 46ms	XHR application/x-javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://code.jivosite.com/script/widget/config/xA6QUWUgQ5 Requested by Host: code.jivosite.com URL: https://code.jivosite.com/script/widget/xA6QUWUgQ5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash e35d1ea5fa4b9ec9ba7e65f2723121342772ba5dcef5f36217119c6df52dbbb7 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-id fr5-up-gc30 date Fri, 07 May 2021 13:57:43 GMT content-encoding gzip access-control-allow-origin * x-cached-since 2021-05-07T13:57:37+00:00 x-shard fr5-shard0-default_443 x-geo-shard ya content-length 784 server nginx vary Accept-Encoding content-type application/x-javascript via 1.1 sharxy cache-control max-age=7200 cache HIT accept-ranges bytes expires Fri, 07 May 2021 15:57:36 GMT
GET H2	200	xA6QUWUgQ5 Show response node-ya10.jivosite.com/widget/status/812169/	80 B 175 B	58ms 58ms	XHR application/json	84.201.147.165 YANDEXCLOUD
General Check archive.org Show headers Download Go to Full URL https://node-ya10.jivosite.com/widget/status/812169/xA6QUWUgQ5?rnd=0.10998578515375157 Requested by Host: code.jivosite.com URL: https://code.jivosite.com/script/widget/xA6QUWUgQ5 Protocol H2 Security TLS 1.3, , AES_128_GCM Server 84.201.147.165 , Russian Federation, ASN200350 (YANDEXCLOUD, RU), Reverse DNS Software foxy / Resource Hash a6121617bd9a18d9f9fbf7d09ab7303661860fbeb52098fe3bafd054c53491a7 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers pragma no-cache date Fri, 07 May 2021 13:57:43 GMT server foxy x-botmode no x-geoip NL;07;Amsterdam content-type application/json; charset=utf-8 access-control-allow-origin https://povorotnetuda.ru access-control-expose-headers X-Geoip, X-Botmode cache-control no-cache, no-store, must-revalidate access-control-allow-credentials true access-control-allow-max-age 1728000 content-length 80
GET H2	200	bundle_ru_RU.js Show response code-ya.jivosite.com/js/	1 MB 317 KB	6ms 6ms	Script application/javascript	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://code-ya.jivosite.com/js/bundle_ru_RU.js?rand=1619595180 Requested by Host: code.jivosite.com URL: https://code.jivosite.com/script/widget/xA6QUWUgQ5 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 5f581486e9d21f8615522c58d3356d4f8b70d93c6fc8386c5c641b3466aa3401 Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-id fr5-up-gc37 date Fri, 07 May 2021 13:57:43 GMT content-encoding gzip access-control-allow-origin * x-cached-since 2021-05-07T13:32:54+00:00 x-geo-shard ya content-length 324223 last-modified Tue, 27 Apr 2021 13:23:16 GMT server nginx etag "60881044-4f27f" vary Accept-Encoding content-type application/javascript via 1.1 sharxy cache-control max-age=86400 cache HIT accept-ranges bytes
GET H2	200	widget.css code-ya.jivosite.com/css/2325b35c/	192 KB 29 KB	6ms 6ms	Stylesheet text/css	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://code-ya.jivosite.com/css/2325b35c/widget.css Requested by Host: povorotnetuda.ru URL: https://povorotnetuda.ru/login.php Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash a7ed189b56d152e60a5ff5f0e80fe59e629af259a2d3f1aea0736d8ec29183bf Request headers Referer https://povorotnetuda.ru/ User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers x-id fr5-up-gc37 date Fri, 07 May 2021 13:57:43 GMT content-encoding br x-cached-since 2021-04-28T13:31:03+00:00 x-geo-shard ya content-length 29416 last-modified Tue, 27 Apr 2021 13:23:08 GMT server nginx etag "6088103c-72e8" vary Accept-Encoding content-type text/css via 1.1 sharxy cache-control max-age=864000 cache HIT accept-ranges bytes expires Sat, 08 May 2021 13:31:03 GMT
GET DATA	200 OK	truncated /	393 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash c66b5eadbc121cef27de174430ad219f445c82ff938916a34582c712d4bf76d5 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	1 KB 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 2210b7e6d726c9d273fbb76890845c5054bdcc03ce803fe9b153ac7dac1dd646 Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET DATA	200 OK	truncated /	447 B 0		Image image/svg+xml
General Check archive.org Show headers Download Go to Show image Full URL data:truncated Protocol DATA Server -, , ASN (), Reverse DNS Software / Resource Hash 6d2b109a76164f78748127e2fcac439ea51f75befbbb92b2c95118b359cc2eaa Request headers Referer User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Response headers Content-Type image/svg+xml
GET H2	206	agent_message.mp3 code-ya.jivosite.com/sounds/	4 KB 4 KB	6ms 5ms	Media audio/mpeg	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://code-ya.jivosite.com/sounds/agent_message.mp3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash ff81aad05612f90cf97c238f219765884e5cbf49351d8dc96a4a063c598c3f43 Request headers Referer https://povorotnetuda.ru/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers x-id fr5-up-gc37 date Fri, 07 May 2021 13:57:43 GMT via 1.1 sharxy x-cached-since 2021-05-05T09:55:45+00:00 Content-Range bytes 0-3759/3760 x-geo-shard ya Content-Length 3760 last-modified Tue, 27 Apr 2021 13:18:59 GMT server nginx etag "60880f43-eb0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type audio/mpeg access-control-allow-origin * cache-control max-age=2592000 cache HIT expires Fri, 04 Jun 2021 09:55:44 GMT
GET H2	206	notification.mp3 code-ya.jivosite.com/sounds/	6 KB 6 KB	7ms 6ms	Media audio/mpeg	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://code-ya.jivosite.com/sounds/notification.mp3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash 1112436abea08c851302bba4d4e37a27e25e5ec26b20474667a3369d41154bab Request headers Referer https://povorotnetuda.ru/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers x-id fr5-up-gc37 date Fri, 07 May 2021 13:57:43 GMT via 1.1 sharxy x-cached-since 2021-05-05T09:55:40+00:00 Content-Range bytes 0-5807/5808 x-geo-shard ya Content-Length 5808 last-modified Tue, 27 Apr 2021 13:18:59 GMT server nginx etag "60880f43-16b0" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type audio/mpeg access-control-allow-origin * cache-control max-age=2592000 cache HIT expires Fri, 04 Jun 2021 09:55:39 GMT
GET H2	206	outgoing_message.mp3 code-ya.jivosite.com/sounds/	5 KB 5 KB	7ms 6ms	Media audio/mpeg	2a03:90c0:41:2801::254 GCORE
General Check archive.org Show headers Download Go to Full URL https://code-ya.jivosite.com/sounds/outgoing_message.mp3 Protocol H2 Security TLS 1.3, , AES_256_GCM Server 2a03:90c0:41:2801::254 Frankfurt am Main, Germany, ASN199524 (GCORE, LU), Reverse DNS Software nginx / Resource Hash d44244617bf21df7a137694fa762d5cab3b82cb9fae8f33de5917977b02b2a11 Request headers Referer https://povorotnetuda.ru/ Accept-Encoding identity;q=1, *;q=0 User-Agent Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.72 Safari/537.36 Range bytes=0- Response headers x-id fr5-up-gc37 date Fri, 07 May 2021 13:57:43 GMT via 1.1 sharxy x-cached-since 2021-05-05T09:55:35+00:00 Content-Range bytes 0-5013/5014 x-geo-shard ya Content-Length 5014 last-modified Tue, 27 Apr 2021 13:18:59 GMT server nginx etag "60880f43-1396" vary Accept-Encoding access-control-allow-methods GET, POST, OPTIONS content-type audio/mpeg access-control-allow-origin * cache-control max-age=2592000 cache HIT expires Fri, 04 Jun 2021 09:55:34 GMT

Failed requests

These URLs were requested, but there was no response received. You will also see them in the list above.

Domain

xn--80adgd3bebafnxcn.xn--p1ai

URL

https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/fonts/BebasBold/BebasBold.woff

Domain

xn--80adgd3bebafnxcn.xn--p1ai

URL

https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/fonts/BebasRegular/BebasRegular.woff

Domain

xn--80adgd3bebafnxcn.xn--p1ai

URL

https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/fonts/BebasBold/BebasBold.ttf

Domain

xn--80adgd3bebafnxcn.xn--p1ai

URL

https://xn--80adgd3bebafnxcn.xn--p1ai/wp-content/themes/povorot/fonts/BebasRegular/BebasRegular.ttf