aviadejavu.ru Open in urlscan Pro
109.94.209.30 Public Scan

URL:
http://aviadejavu.ru/
Submission: On March 04 via manual (March 4th 2021, 2:19:24 pm UTC) from GB

Summary HTTP 92 Redirects Links 3 Behaviour Indicators

Summary

This website contacted 20 IPs in 4 countries across 14 domains to perform 92 HTTP transactions. The main IP is 109.94.209.30, located in Estonia and belongs to ARVID-LOGICUM, EE. The main domain is aviadejavu.ru.

This is the only time aviadejavu.ru was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

	IP Address	AS Autonomous System
17	109.94.209.30 109.94.209.30	202376 (ARVID-LOG...) (ARVID-LOGICUM)
2 5	2a02:6b8::1:119 2a02:6b8::1:119	13238 (YANDEX) (YANDEX)
7	2a00:1450:400... 2a00:1450:4001:809::2002	15169 (GOOGLE) (GOOGLE)
6	2a00:1450:400... 2a00:1450:4001:801::200e	15169 (GOOGLE) (GOOGLE)
1 1	2a00:1450:400... 2a00:1450:4001:827::2003	15169 (GOOGLE) (GOOGLE)
4	2a00:1450:400... 2a00:1450:4001:802::2003	15169 (GOOGLE) (GOOGLE)
12	2a00:1450:400... 2a00:1450:4001:802::2002	15169 (GOOGLE) (GOOGLE)
4	2a03:2880:f11... 2a03:2880:f11c:8183:face:b00c:0:25de	32934 (FACEBOOK) (FACEBOOK)
1 3	2a00:1450:400... 2a00:1450:4001:813::2004	15169 (GOOGLE) (GOOGLE)
1 3	151.101.12.134 151.101.12.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:802::200d	15169 (GOOGLE) (GOOGLE)
1	142.250.186.34 142.250.186.34	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:808::2002	15169 (GOOGLE) (GOOGLE)
3	2a00:1450:400... 2a00:1450:4001:828::2002	15169 (GOOGLE) (GOOGLE)
1	2a00:1450:400... 2a00:1450:4001:82b::2003	15169 (GOOGLE) (GOOGLE)
7	2606:4700::68... 2606:4700::6812:a913	13335 (CLOUDFLAR...) (CLOUDFLARENET)
3	151.101.128.134 151.101.128.134	54113 (FASTLY) (FASTLY)
1	2a00:1450:400... 2a00:1450:4001:813::200a	15169 (GOOGLE) (GOOGLE)
15	2a00:1450:400... 2a00:1450:4001:809::2001	15169 (GOOGLE) (GOOGLE)
2	2a00:1450:400... 2a00:1450:4001:803::2003	15169 (GOOGLE) (GOOGLE)
92	20

17 109.94.209.30 (Estonia)

ASN202376 (ARVID-LOGICUM, EE)
PTR: knight30.dns-panel.ru

aviadejavu.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

5 2a02:6b8::1:119 (Moscow, Russian Federation) 2 redirects

ASN13238 (YANDEX, RU)

mc.yandex.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2a00:1450:4001:809::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

pagead2.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

6 2a00:1450:4001:801::200e (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

apis.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:827::2003 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.ru	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a00:1450:4001:802::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

12 2a00:1450:4001:802::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

googleads.g.doubleclick.net	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
adservice.google.de	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

4 2a03:2880:f11c:8183:face:b00c:0:25de (United States)

ASN32934 (FACEBOOK, US)

www.facebook.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:813::2004 (Frankfurt am Main, Germany) 1 redirects

ASN15169 (GOOGLE, US)

www.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.12.134 (Frankfurt am Main, Germany) 1 redirects

ASN54113 (FASTLY, US)

aviadejavu.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools
referrer.disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:802::200d (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

accounts.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 142.250.186.34 (United States)

ASN15169 (GOOGLE, US)
PTR: fra24s04-in-f2.1e100.net

partner.googleadservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:808::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

adservice.google.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 2a00:1450:4001:828::2002 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

www.googletagservices.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:82b::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

ssl.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

7 2606:4700::6812:a913 (United States)

ASN13335 (CLOUDFLARENET, US)

c.disquscdn.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

3 151.101.128.134 (United States)

ASN54113 (FASTLY, US)

disqus.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

1 2a00:1450:4001:813::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.googleapis.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

15 2a00:1450:4001:809::2001 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

tpc.googlesyndication.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

2 2a00:1450:4001:803::2003 (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)

fonts.gstatic.com	Domain lookup VirusTotal SecurityTrails crt.sh Censys Domaintools

	Apex Domain Subdomains	Transfer
22	googlesyndication.com pagead2.googlesyndication.com tpc.googlesyndication.com	235 KB
17	aviadejavu.ru aviadejavu.ru	269 KB
11	doubleclick.net googleads.g.doubleclick.net	38 KB
11	google.com 1 redirects apis.google.com www.google.com accounts.google.com adservice.google.com	136 KB
7	disquscdn.com c.disquscdn.com	461 KB
7	gstatic.com www.gstatic.com ssl.gstatic.com fonts.gstatic.com	60 KB
6	disqus.com 1 redirects aviadejavu.disqus.com disqus.com referrer.disqus.com	50 KB
5	yandex.ru 2 redirects mc.yandex.ru	44 KB
4	facebook.com www.facebook.com	139 KB
3	googletagservices.com www.googletagservices.com	95 KB
1	googleapis.com fonts.googleapis.com	1023 B
1	google.de adservice.google.de	799 B
1	googleadservices.com partner.googleadservices.com	642 B
1	google.ru 1 redirects www.google.ru	338 B
92	14

	Domain	Requested by
17	aviadejavu.ru	aviadejavu.ru
15	tpc.googlesyndication.com	googleads.g.doubleclick.net pagead2.googlesyndication.com tpc.googlesyndication.com
11	googleads.g.doubleclick.net	pagead2.googlesyndication.com googleads.g.doubleclick.net
7	c.disquscdn.com	aviadejavu.disqus.com disqus.com c.disquscdn.com
7	pagead2.googlesyndication.com	aviadejavu.ru pagead2.googlesyndication.com tpc.googlesyndication.com www.googletagservices.com
6	apis.google.com	aviadejavu.ru apis.google.com accounts.google.com
5	mc.yandex.ru	2 redirects aviadejavu.ru
4	www.facebook.com	aviadejavu.ru www.facebook.com
4	www.gstatic.com	aviadejavu.ru googleads.g.doubleclick.net
3	disqus.com	aviadejavu.disqus.com c.disquscdn.com
3	www.googletagservices.com	pagead2.googlesyndication.com googleads.g.doubleclick.net
3	www.google.com	1 redirects aviadejavu.ru apis.google.com
2	fonts.gstatic.com	fonts.googleapis.com
2	aviadejavu.disqus.com	1 redirects aviadejavu.ru
1	referrer.disqus.com
1	fonts.googleapis.com	googleads.g.doubleclick.net
1	ssl.gstatic.com	accounts.google.com
1	adservice.google.com	pagead2.googlesyndication.com
1	adservice.google.de	pagead2.googlesyndication.com
1	partner.googleadservices.com	pagead2.googlesyndication.com
1	accounts.google.com	apis.google.com
1	www.google.ru	1 redirects
92	22

This site contains links to these domains. Also see Links.

Domain
www.airwar.ru
flyingmachines.ru
www.aviations.ru

Subject Issuer	Validity	Valid
mc.yandex.ru Yandex CA	`2021-02-27` - `2021-08-09`	5 months	crt.sh
*.apis.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.gstatic.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.g.doubleclick.net GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.facebook.com DigiCert SHA2 High Assurance Server CA	`2021-02-10` - `2021-05-10`	3 months	crt.sh
www.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.disqus.com DigiCert SHA2 Secure Server CA	`2020-04-20` - `2022-05-09`	2 years	crt.sh
accounts.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.googleadservices.com GTS CA 1O1	`2021-02-17` - `2021-05-12`	3 months	crt.sh
*.google.de GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
*.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
sni.cloudflaressl.com Cloudflare Inc ECC CA-3	`2020-08-15` - `2021-08-15`	a year	crt.sh
upload.video.google.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh
tpc.googlesyndication.com GTS CA 1O1	`2021-01-26` - `2021-04-20`	3 months	crt.sh

This page contains 11 frames:

Primary Page: http://aviadejavu.ru/
Frame ID: EA771E8F1AB82156F2D7474F8D8D014F
Requests: 40 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/zrt_lookup.html
Frame ID: 96E634BECDB4474821D74B8FEDB2C077
Requests: 1 HTTP requests in this frame

Frame: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&hl=ru&origin=http%3A%2F%2Faviadejavu.ru&url=http%3A%2F%2Faviadejavu.ru%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 4A598A8EE6601FD5A267B3294D100192
Requests: 2 HTTP requests in this frame

Frame: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21
Frame ID: 46BAADC27E19BE1FD8593B271241DE58
Requests: 4 HTTP requests in this frame

Frame: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faviadejavu.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
Frame ID: 71919717C25FF29E3905EBE855F4EC6E
Requests: 4 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=90&slotname=9617814138&adk=3659215450&adf=3610118697&pi=t.ma~as.9617814138&w=728&lmt=1610437251&psa=0&format=728x90&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544376&bpp=13&bdt=254&idt=192&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4674764224833&frm=20&pv=2&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=860&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Jgr1fZfiL5&p=http%3A//aviadejavu.ru&dtd=207
Frame ID: 970EEA48336F03D4220EF9B6D33369B4
Requests: 14 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=193&slotname=9145582741&adk=3378118159&adf=2416289964&pi=t.ma~as.9145582741&w=772&lmt=1610437251&psa=0&format=772x193&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544424&bpp=13&bdt=302&idt=194&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Uglm81RnLk&p=http%3A//aviadejavu.ru&dtd=201
Frame ID: 73F32D930225A772C880B03A63DF0F2C
Requests: 18 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&adk=1812271804&adf=3025194257&lmt=1610437251&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Faviadejavu.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614867544498&bpp=4&bdt=376&idt=151&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C772x193&nras=1&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=158
Frame ID: 7B09BDE8A4D1E298437FB8CA953CB472
Requests: 1 HTTP requests in this frame

Frame: https://disqus.com/embed/comments/?base=default&f=aviadejavu&t_u=%2F%2Fcrimso.msk.ru&t_d=AviaDejaVu&t_t=AviaDejaVu&s_o=default
Frame ID: 8399F65423BC4619D6FEEC6EE698E97A
Requests: 6 HTTP requests in this frame

Frame: https://googleads.g.doubleclick.net/pagead/drt/si
Frame ID: 19F0806C95D1FB0DEFBDAE6D43E467A5
Requests: 2 HTTP requests in this frame

Frame: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html
Frame ID: 691AAF445B57AA8901B810162E96A56A
Requests: 2 HTTP requests in this frame

Screenshot
Live screenshot

Full Image

Detected technologies

Nginx (Web Servers) Expand

Overall confidence: 100%
Detected patterns

headers server /nginx(?:\/([\d.]+))?/i

Google AdSense (Advertising Networks) Expand

Overall confidence: 100%
Detected patterns

script /googlesyndication\.com\//i

Yandex.Metrika (Analytics) Expand

Overall confidence: 100%
Detected patterns

script /mc\.yandex\.ru\/metrika\/watch\.js/i

jQuery (JavaScript Libraries) Expand

Overall confidence: 100%
Detected patterns

script /jquery[.-]([\d.]*\d)[^/]*\.js/i
script /jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?/i

Page Statistics

92
Requests

80 %
HTTPS

80 %
IPv6

14
Domains

22
Subdomains

20
IPs

4
Countries

1527 kB
Transfer

3356 kB
Size

6
Cookies

3 Outgoing links

These are links going to different origins than the main page.

URL: http://www.airwar.ru/
Title:

Search URL Search Domain Scan URL

URL: http://flyingmachines.ru/
Title:

Search URL Search Domain Scan URL

URL: http://www.aviations.ru/
Title:

Search URL Search Domain Scan URL

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 2

http://mc.yandex.ru/metrika/watch.js HTTP 302
https://mc.yandex.ru/metrika/watch.js

Request Chain 10

http://www.google.ru/coop/cse/brand?form=cse-search-box&lang=ru HTTP 301
https://www.gstatic.com/prose/brandjs.js

Request Chain 21

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21 HTTP 307
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21

Request Chain 23

http://aviadejavu.disqus.com/embed.js HTTP 301
https://aviadejavu.disqus.com/embed.js

Request Chain 24

https://mc.yandex.ru/watch/1602037?wmode=7&page-url=http%3A%2F%2Faviadejavu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A1242057751179%3Ahid%3A632514951%3Az%3A60%3Ai%3A20210304151904%3Aet%3A1614867544%3Ac%3A1%3Arn%3A67610914%3Au%3A1614867544323165286%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614867543886%3Ads%3A120%2C20%2C92%2C1%2C0%2C0%2C%2C316%2C%2C%2C%2C%2C%3Adsn%3A120%2C20%2C92%2C1%2C0%2C0%2C%2C318%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614867544%3At%3AAviaDejaVu HTTP 302
https://mc.yandex.ru/watch/1602037/1?wmode=7&page-url=http%3A%2F%2Faviadejavu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A1242057751179%3Ahid%3A632514951%3Az%3A60%3Ai%3A20210304151904%3Aet%3A1614867544%3Ac%3A1%3Arn%3A67610914%3Au%3A1614867544323165286%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614867543886%3Ads%3A120%2C20%2C92%2C1%2C0%2C0%2C%2C316%2C%2C%2C%2C%2C%3Adsn%3A120%2C20%2C92%2C1%2C0%2C0%2C%2C318%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614867544%3At%3AAviaDejaVu

Request Chain 85

https://www.google.com/pagead/drt/ui HTTP 302
https://googleads.g.doubleclick.net/pagead/drt/si

92 HTTP transactions
2 data transactions

Method
Protocol Status Resource
Path Size
x-fer Time
Latency Type
MIME-Type IP
Location

GET
H/1.1 200
OK Primary Request / Show response
aviadejavu.ru/ 24 KB
6 KB 233ms
93ms Document
text/html 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 3635c344f2b0ca919ed83832e3221f4d1341776d042a65266a647d3f318c9786

Request headers

Host: aviadejavu.ru
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Accept-Encoding: gzip, deflate
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Server: nginx/1.18.0
Date: Thu, 04 Mar 2021 14:19:04 GMT
Content-Type: text/html
Transfer-Encoding: chunked
Connection: keep-alive
Upgrade: h2,h2c
Last-Modified: Tue, 12 Jan 2021 07:40:51 GMT
Content-Encoding: gzip

GET
H/1.1 200
OK AviaDejaVu2.css
aviadejavu.ru/Site/Style/ 3 KB
1 KB 61ms
57ms Stylesheet
text/css 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/Site/Style/AviaDejaVu2.css
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 56acd8ae8431658294655f7f7f59c0f4a80c1a02792068861174b5a75ad96833

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:04 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Nov 2018 07:36:48 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked
Upgrade: h2,h2c
Connection: keep-alive
Content-Type: text/css

GET
H/1.1 200
OK jquery-ui-1.8.13.custom.css
aviadejavu.ru/Site/css/cupertino/ 34 KB
8 KB 167ms
143ms Stylesheet
text/css 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/Site/css/cupertino/jquery-ui-1.8.13.custom.css
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 0638c52cdbd134e34bf705b4c1276a777ca646653fbc60b1dd3bc118049ac70b

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Content-Encoding: gzip
Last-Modified: Sat, 17 Nov 2018 07:27:07 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked
Upgrade: h2,h2c
Connection: keep-alive
Content-Type: text/css

GET
H2

200

watch.js Show response
mc.yandex.ru/metrika/
Redirect Chain

http://mc.yandex.ru/metrika/watch.js
https://mc.yandex.ru/metrika/watch.js

123 KB
43 KB

135ms
46ms

Script
application/javascript

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/metrika/watch.js

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

1b1156042a71ba6ffe43b2bb4a183d05547704b944198c649b2dc4db587a4675

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: br
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "603efc40-aa25"
strict-transport-security: max-age=31536000
content-type: application/javascript
access-control-allow-origin: *
cache-control: max-age=3600
content-length: 43557
expires: Thu, 04 Mar 2021 15:19:04 GMT

Redirect headers

Location: https://mc.yandex.ru/metrika/watch.js
Content-Length: 0

GET
H/1.1 200
OK jquery-1.5.1.min.js Show response
aviadejavu.ru/Site/js/ 83 KB
84 KB 118ms
93ms Script
application/javascript 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/Site/js/jquery-1.5.1.min.js
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Sat, 17 Nov 2018 07:36:35 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 85260

GET
H/1.1 200
OK ru-en.js Show response
aviadejavu.ru/Site/js/ 2 KB
2 KB 120ms
96ms Script
application/javascript 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/Site/js/ru-en.js
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: ce6631844549cac47b03a098a1da3411e890e477fcf18ddc610756a2d59dd49a

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Sat, 17 Nov 2018 07:36:37 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2009

GET
H/1.1 200
OK seedrandom.min.js Show response
aviadejavu.ru/Site/js/ 2 KB
2 KB 119ms
95ms Script
application/javascript 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/Site/js/seedrandom.min.js
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: ebf89e2f0560aea7b1622de8a98e67c89d416cced032c516366c91d83ff5a54f

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Sat, 17 Nov 2018 07:36:37 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 1621

GET
H/1.1 200
OK craft_of_the_day2.js Show response
aviadejavu.ru/Site/js/ 2 KB
3 KB 166ms
142ms Script
application/javascript 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/Site/js/craft_of_the_day2.js
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: c7d2d49b9428a987451a1772079b486c6a2c942a99038c6553a062ff2a16508d

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Sun, 14 Feb 2021 05:26:32 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: application/javascript
Content-Length: 2378

GET
H/1.1 200
OK adsbygoogle.js Show response
pagead2.googlesyndication.com/pagead/js/ 139 KB
50 KB 31ms
22ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

HTTP/1.1

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

fe3b9ec903128a4464bdabd33a33265476786fb1b7e8558908754e69c18c5dd1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Timing-Allow-Origin: *
Date: Thu, 04 Mar 2021 14:19:04 GMT
Content-Encoding: gzip
X-Content-Type-Options: nosniff
Server: cafe
ETag: 12800053778782964411
Vary: Accept-Encoding
P3P: policyref="http://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
Cache-Control: private, max-age=3600
Cross-Origin-Resource-Policy: cross-origin
Content-Disposition: attachment; filename="f.txt"
Content-Type: text/javascript; charset=UTF-8
Content-Length: 50150
X-XSS-Protection: 0
Expires: Thu, 04 Mar 2021 14:19:04 GMT

GET
H/1.1 200
OK img.jpg
aviadejavu.ru/Site/ 65 KB
65 KB 57ms
57ms Image
image/jpeg 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aviadejavu.ru/Site/img.jpg
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: f903269ba330d7c790fb2248216c0767e86ba38eaa8398369c3ab70167cb6348

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Mon, 19 Nov 2018 20:20:39 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 66672

GET
H2 200 plusone.js Show response
apis.google.com/js/ 54 KB
21 KB 51ms
27ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/plusone.js

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-GYc80I03QkXhWqf/lFtNkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: CP="This is not a P3P policy! See g.co/p3phelp for more info."
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "cc618a2d744b3658f2d5361ea6240f80"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-GYc80I03QkXhWqf/lFtNkw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 04 Mar 2021 14:19:04 GMT

GET
H2

200

brandjs.js Show response
www.gstatic.com/prose/
Redirect Chain

http://www.google.ru/coop/cse/brand?form=cse-search-box&lang=ru
https://www.gstatic.com/prose/brandjs.js

9 KB
4 KB

27ms
6ms

Script
text/javascript

2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/prose/brandjs.js

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ed12b8f75afb8edd258e8bcbd195c0a2e75ba94b4d87608ab3952e9e03cd0a5b

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 13:23:10 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Fri, 23 Oct 2020 23:41:31 GMT
server: sffe
age: 3354
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=86400
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3903
x-xss-protection: 0
expires: Fri, 05 Mar 2021 13:23:10 GMT

Redirect headers

Date: Thu, 04 Mar 2021 14:18:37 GMT
X-Content-Type-Options: nosniff
Server: sffe
Age: 27
Content-Type: text/html; charset=UTF-8
Location: https://www.gstatic.com/prose/brandjs.js
Cache-Control: public, max-age=1800
Content-Length: 237
X-XSS-Protection: 0
Expires: Thu, 04 Mar 2021 14:48:37 GMT

GET
H/1.1 200
OK airwar.jpg
aviadejavu.ru/Site/Partners/ 18 KB
18 KB 61ms
60ms Image
image/jpeg 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aviadejavu.ru/Site/Partners/airwar.jpg
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 6943957e4b964cc65fc87e179660a7392e22c28524d51e76f99695d0697c7046

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Mon, 19 Nov 2018 20:21:02 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 18615

GET
H/1.1 200
OK flyingmachines.jpg
aviadejavu.ru/Site/Partners/ 7 KB
7 KB 60ms
60ms Image
image/jpeg 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aviadejavu.ru/Site/Partners/flyingmachines.jpg
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: ee9c6a4f42b58c1e5510e51ae50357b73899ec32fdd88c9f69349ce9af693ab2

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Mon, 19 Nov 2018 20:21:04 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 6906

GET
H/1.1 200
OK aviations.gif
aviadejavu.ru/Site/Partners/ 9 KB
10 KB 85ms
85ms Image
image/gif 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aviadejavu.ru/Site/Partners/aviations.gif
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: b909e7b0511a43bcc45eaac4e13d7414b377babebb31b6c7fb1c001ff42d0c15

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Mon, 19 Nov 2018 20:21:04 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/gif
Content-Length: 9562

GET
H/1.1 200
OK ru_g.png
aviadejavu.ru/Site/Style/ 629 B
862 B 60ms
59ms Image
image/png 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aviadejavu.ru/Site/Style/ru_g.png
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/Site/Style/AviaDejaVu2.css
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 6b6dad2faed1addb1265651670c53f714d19d033370ac2c8711cfc34638bee1c

Request headers

Referer: http://aviadejavu.ru/Site/Style/AviaDejaVu2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Wed, 21 Nov 2018 18:08:04 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 629

GET
H/1.1 200
OK en.png
aviadejavu.ru/Site/Style/ 2 KB
2 KB 57ms
57ms Image
image/png 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aviadejavu.ru/Site/Style/en.png
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/Site/Style/AviaDejaVu2.css
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 2904717ea157bebac20a7fc0d1981894a88be32398be23fde6b4d9d4ed1429a8

Request headers

Referer: http://aviadejavu.ru/Site/Style/AviaDejaVu2.css
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Wed, 21 Nov 2018 18:08:02 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/png
Content-Length: 1690

GET
H2 200 show_ads_impl_with_ama_fy2019.js Show response
pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/ 227 KB
86 KB 68ms
47ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7014018936006909&plah=aviadejavu.ru&amaexp=1

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b357031291532d150c46b043668f07f82f8074c01eddfbe886b90f8dd6755b31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 87278
x-xss-protection: 0
server: cafe
etag: 15270628242900322163
vary: Accept-Encoding
content-type: text/javascript; charset=UTF-8
cache-control: private, max-age=3600, stale-while-revalidate=3600
timing-allow-origin: *
expires: Thu, 04 Mar 2021 14:19:04 GMT

GET
H2 200 zrt_lookup.html Show response
googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/ Frame 96E6 11 KB
6 KB 30ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/html/r20210302/r20190131/zrt_lookup.html

Requested by

Host: pagead2.googlesyndication.com
URL: http://pagead2.googlesyndication.com/pagead/js/adsbygoogle.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/html/r20210302/r20190131/zrt_lookup.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://aviadejavu.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
vary: Accept-Encoding
date: Wed, 03 Mar 2021 18:03:50 GMT
expires: Wed, 17 Mar 2021 18:03:50 GMT
content-type: text/html; charset=UTF-8
etag: 14371272352318978350
x-content-type-options: nosniff
content-encoding: gzip
server: cafe
content-length: 5136
x-xss-protection: 0
age: 72914
cache-control: public, max-age=1209600
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 144 KB
51 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 00:26:51 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 222733
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 51497
x-xss-protection: 0
expires: Wed, 02 Mar 2022 00:26:51 GMT

GET
H2 200 cb=gapi.loaded_1 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ 97 KB
34 KB 11ms
9ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

559f31f31689c3362078aa438745222031527bf4a4d0711066350e8517a9d5a6

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 14:42:40 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 84984
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34488
x-xss-protection: 0
expires: Thu, 03 Mar 2022 14:42:40 GMT

GET
H2 404 fastbutton Show response
apis.google.com/se/0/_/+1/ Frame 4A59 2 KB
1 KB 31ms
31ms Document
text/html 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&hl=ru&origin=http%3A%2F%2Faviadejavu.ru&url=http%3A%2F%2Faviadejavu.ru%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/plusone.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

15f902d965e543f110b5e4646c5664ddde52e267885f7ccd9d0c2046575a569b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-5HRWG8zAGQhZwWqhQ9oDvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: apis.google.com
:scheme: https
:path: /se/0/_/+1/fastbutton?usegapi=1&size=medium&hl=ru&origin=http%3A%2F%2Faviadejavu.ru&url=http%3A%2F%2Faviadejavu.ru%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://aviadejavu.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=LCmwHzPoqNRHgRNWppddPHHcXZ01m6JudA7BTX9nSvuR8SNMJMWU0wVZc2bCAJSwsbsGAax80qnVzN6AwhrQIVtlN3tlyBPQiTx7ZC7hO6dSv5RDkacwro75coDqZNpM1P7zkDt8494qA3I8gM7aoA09YR4ZAQuuCxY2XfQXHzA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 04 Mar 2021 14:19:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-5HRWG8zAGQhZwWqhQ9oDvw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2

200

like.php Show response
www.facebook.com/plugins/ Frame 46BA
Redirect Chain

http://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21
https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21

43 KB
14 KB

113ms
95ms

Document
text/html

2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

d867623333ac0b5c78e80b4b03c391da84b4dda61c23ac9c5320d82364bbfd4f

Security Headers

Name	Value
Content-Security-Policy	default-src * data: blob: 'self';script-src .facebook.com .fbcdn.net .facebook.net .google-analytics.com .virtualearth.net .google.com 127.0.0.1:* .spotilocal.com: 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' ;connect-src .facebook.com facebook.com .fbcdn.net .facebook.net .spotilocal.com: wss://.facebook.com: https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: www.facebook.com
:scheme: https
:path: /plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://aviadejavu.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

vary: Accept-Encoding
x-fb-rlafr: 0
pragma: no-cache
expires: Sat, 01 Jan 2000 00:00:00 GMT
content-encoding: br
strict-transport-security: max-age=15552000; preload
x-content-type-options: nosniff
x-xss-protection: 0
cache-control: private, no-cache, no-store, must-revalidate
content-security-policy: default-src * data: blob: 'self';script-src *.facebook.com *.fbcdn.net *.facebook.net *.google-analytics.com *.virtualearth.net *.google.com 127.0.0.1:* *.spotilocal.com:* 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' *;connect-src *.facebook.com facebook.com *.fbcdn.net *.facebook.net *.spotilocal.com:* wss://*.facebook.com:* https://fb.scanandcleanlocal.com:* attachment.fbsbx.com ws://localhost:* blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;
content-type: text/html; charset="utf-8"
x-fb-debug: 6OX14sDYzA65VwoNQ2DHT84F3tHaltlSLscrKClq4AnNKZI/KKMdLqLWr/G5GyF+sDfqVLsBcsYpc7FBQPO4Hw==
date: Thu, 04 Mar 2021 14:19:04 GMT
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600

Redirect headers

Location: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21
Non-Authoritative-Reason: HSTS

GET
H2 200 branding.png
www.google.com/cse/static/images/1x/ru/ 1 KB
2 KB 31ms
8ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/cse/static/images/1x/ru/branding.png

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Fri, 26 Feb 2021 09:18:54 GMT
x-content-type-options: nosniff
last-modified: Mon, 25 May 2020 08:30:00 GMT
server: sffe
age: 536410
content-type: image/png
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1377
x-xss-protection: 0
expires: Sat, 26 Feb 2022 09:18:54 GMT

GET
H/1.1

200
OK

embed.js Show response
aviadejavu.disqus.com/
Redirect Chain

http://aviadejavu.disqus.com/embed.js
https://aviadejavu.disqus.com/embed.js

72 KB
24 KB

324ms
256ms

Script
application/javascript

151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://aviadejavu.disqus.com/embed.js

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

openresty /

Resource Hash

580cd288e532d5fa0e3727270352572dc543b9434604f2676332aab8e3bfd2ae

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:04 GMT
Content-Encoding: gzip
Server: openresty
Age: 0
Vary: Accept-Encoding
Connection: keep-alive
Content-Type: application/javascript; charset=utf-8
Cache-Control: private, max-age=60
X-Service: router
Strict-Transport-Security: max-age=300; includeSubdomains
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 24096

Redirect headers

Date: Thu, 04 Mar 2021 14:19:04 GMT
Server: Varnish
Strict-Transport-Security: max-age=300; includeSubdomains
Content-Type: text/html
Location: https://aviadejavu.disqus.com/embed.js
Cache-Control: public, max-age=31536000
Connection: close
Link: <https://disqus.com>; rel=preconnect, <https://c.disquscdn.com>; rel=preconnect
Content-Length: 219

GET
H2

200

1 Show response
mc.yandex.ru/watch/1602037/
Redirect Chain

https://mc.yandex.ru/watch/1602037?wmode=7&page-url=http%3A%2F%2Faviadejavu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
https://mc.yandex.ru/watch/1602037/1?wmode=7&page-url=http%3A%2F%2Faviadejavu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-U...

167 B
249 B

48ms
48ms

XHR
application/json

2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to

Full URL

https://mc.yandex.ru/watch/1602037/1?wmode=7&page-url=http%3A%2F%2Faviadejavu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A1242057751179%3Ahid%3A632514951%3Az%3A60%3Ai%3A20210304151904%3Aet%3A1614867544%3Ac%3A1%3Arn%3A67610914%3Au%3A1614867544323165286%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614867543886%3Ads%3A120%2C20%2C92%2C1%2C0%2C0%2C%2C316%2C%2C%2C%2C%2C%3Adsn%3A120%2C20%2C92%2C1%2C0%2C0%2C%2C318%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614867544%3At%3AAviaDejaVu

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

c1108b6bfbf983f232acdf0edbf78801061b2160cf903bb1ca8bfd611aa74f65

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 14:19:04 GMT
x-content-type-options: nosniff
last-modified: Thu, 04-Mar-2021 14:19:04 GMT
strict-transport-security: max-age=31536000
content-type: application/json; charset=utf-8
access-control-allow-origin: http://aviadejavu.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 167
x-xss-protection: 1; mode=block
expires: Thu, 04-Mar-2021 14:19:04 GMT

Redirect headers

pragma: no-cache
date: Thu, 04 Mar 2021 14:19:04 GMT
last-modified: Thu, 04-Mar-2021 14:19:04 GMT
location: /watch/1602037/1?wmode=7&page-url=http%3A%2F%2Faviadejavu.ru%2F&charset=utf-8&browser-info=pv%3A1%3Agdpr%3A14%3Avf%3A2z9ezuq74honwal%3Afp%3A488%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A440%3Acn%3A1%3Adp%3A0%3Als%3A1242057751179%3Ahid%3A632514951%3Az%3A60%3Ai%3A20210304151904%3Aet%3A1614867544%3Ac%3A1%3Arn%3A67610914%3Au%3A1614867544323165286%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ahdl%3A1%3Ans%3A1614867543886%3Ads%3A120%2C20%2C92%2C1%2C0%2C0%2C%2C316%2C%2C%2C%2C%2C%3Adsn%3A120%2C20%2C92%2C1%2C0%2C0%2C%2C318%2C%2C%2C%2C%2C%3Arqnl%3A1%3Ati%3A2%3Ast%3A1614867544%3At%3AAviaDejaVu
strict-transport-security: max-age=31536000
access-control-allow-origin: http://aviadejavu.ru
cache-control: private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials: true
content-length: 0
x-xss-protection: 1; mode=block
expires: Thu, 04-Mar-2021 14:19:04 GMT

GET
H/1.1 200
OK crafts.dat Show response
aviadejavu.ru/ 44 KB
44 KB 60ms
59ms XHR
text/plain 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/crafts.dat
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/Site/js/jquery-1.5.1.min.js
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: b7221f02166f6c4ed17bbb9ea99442512789972773f4d8a7e73499939a6f364d

Request headers

Accept: */*
Referer: http://aviadejavu.ru/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Sun, 14 Feb 2021 05:35:41 GMT
Server: nginx/1.18.0
Connection: keep-alive
Accept-Ranges: bytes
Content-Length: 45048
Upgrade: h2,h2c

GET
H2 200 postmessageRelay Show response
accounts.google.com/o/oauth2/ Frame 7191 567 B
866 B 97ms
71ms Document
text/html 2a00:1450:4001:802::200d
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faviadejavu.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Requested by

Host: apis.google.com
URL: https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=auth/exm=plusone/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::200d Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

90b6800137e78c79db62d1be1ff0f08fc258bb1bcdbdfefec18a88e78e9e3e3b

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-M9T2+wA5NhcR4WcgMIlQcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: accounts.google.com
:scheme: https
:path: /o/oauth2/postmessageRelay?parent=http%3A%2F%2Faviadejavu.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://aviadejavu.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: NID=210=LCmwHzPoqNRHgRNWppddPHHcXZ01m6JudA7BTX9nSvuR8SNMJMWU0wVZc2bCAJSwsbsGAax80qnVzN6AwhrQIVtlN3tlyBPQiTx7ZC7hO6dSv5RDkacwro75coDqZNpM1P7zkDt8494qA3I8gM7aoA09YR4ZAQuuCxY2XfQXHzA
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

content-type: text/html; charset=utf-8
cache-control: no-cache, no-store, max-age=0, must-revalidate
pragma: no-cache
expires: Mon, 01 Jan 1990 00:00:00 GMT
date: Thu, 04 Mar 2021 14:19:04 GMT
content-security-policy: script-src 'report-sample' 'nonce-M9T2+wA5NhcR4WcgMIlQcQ' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /o/cspreport
content-encoding: gzip
server: ESF
x-xss-protection: 0
x-content-type-options: nosniff
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 advert.gif
mc.yandex.ru/metrika/ 43 B
112 B 45ms
45ms Image
image/gif 2a02:6b8::1:119
YANDEX

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://mc.yandex.ru/metrika/advert.gif

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

Security

TLS 1.3, , AES_256_GCM

Server

2a02:6b8::1:119 Moscow, Russian Federation, ASN13238 (YANDEX, RU),

Reverse DNS

Software

Resource Hash

548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
last-modified: Sat, 20 Feb 2021 13:25:23 GMT
etag: "603efc40-2b"
strict-transport-security: max-age=31536000
content-type: image/gif
access-control-allow-origin: *
cache-control: max-age=3600
accept-ranges: bytes
content-length: 43
expires: Thu, 04 Mar 2021 15:19:04 GMT

GET
H2 200 cookie.js Show response
partner.googleadservices.com/gampad/ 203 B
642 B 137ms
65ms Script
text/javascript 142.250.186.34
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://partner.googleadservices.com/gampad/cookie.js?domain=aviadejavu.ru&callback=_gfp_s_&client=ca-pub-7014018936006909

Requested by

Host: pagead2.googlesyndication.com
URL: https://pagead2.googlesyndication.com/pagead/js/r20210302/r20190131/show_ads_impl_with_ama_fy2019.js?client=ca-pub-7014018936006909&plah=aviadejavu.ru&amaexp=1

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

142.250.186.34 , United States, ASN15169 (GOOGLE, US),

Reverse DNS

fra24s04-in-f2.1e100.net

Software

cafe /

Resource Hash

984e8e9d84e7255127da41ce973bb4d7a4884fa32f76d37440b546990ea42226

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
content-type: text/javascript; charset=UTF-8
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 193
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.de/adsid/ 107 B
799 B 40ms
19ms Script
application/javascript 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.de/adsid/integrator.js?domain=aviadejavu.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29="googleads.g.doubleclick.net:443"; ma=2592000,h3-29=":443"; ma=2592000,h3-T051="googleads.g.doubleclick.net:443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043="googleads.g.doubleclick.net:443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic="googleads.g.doubleclick.net:443"; ma=2592000; v="46,43",quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H2 200 integrator.js Show response
adservice.google.com/adsid/ 107 B
553 B 43ms
22ms Script
application/javascript 2a00:1450:4001:808::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://adservice.google.com/adsid/integrator.js?domain=aviadejavu.ru

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:808::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: CP="This is not a P3P policy! See http://support.google.com/accounts/answer/151657 for more info."
cache-control: private, no-cache, no-store
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/javascript; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 100
x-xss-protection: 0

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 970E 59 KB
15 KB 578ms
563ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=90&slotname=9617814138&adk=3659215450&adf=3610118697&pi=t.ma~as.9617814138&w=728&lmt=1610437251&psa=0&format=728x90&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544376&bpp=13&bdt=254&idt=192&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4674764224833&frm=20&pv=2&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=860&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Jgr1fZfiL5&p=http%3A//aviadejavu.ru&dtd=207

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5a9321d896fc8f0e73852062de628f988de17b019dd033929d8db212448e1ac1

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7014018936006909&output=html&h=90&slotname=9617814138&adk=3659215450&adf=3610118697&pi=t.ma~as.9617814138&w=728&lmt=1610437251&psa=0&format=728x90&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544376&bpp=13&bdt=254&idt=192&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4674764224833&frm=20&pv=2&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=860&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Jgr1fZfiL5&p=http%3A//aviadejavu.ru&dtd=207
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://aviadejavu.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Mar 2021 14:19:05 GMT
server: cafe
content-length: 15120
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 04-Mar-2021 14:34:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Mar 2021 14:19:05 GMT
cache-control: private

GET
H2 200 osd.js Show response
www.googletagservices.com/activeview/js/current/ 74 KB
28 KB 35ms
13ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/osd.js?cb=%2Fr20100101

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774803212306"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 28399
x-xss-protection: 0
expires: Thu, 04 Mar 2021 14:19:04 GMT

GET
H/1.1 200
OK Craft33150.htm Show response
aviadejavu.ru/Site/Crafts/ 13 KB
5 KB 62ms
62ms XHR
text/html 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to

Full URL: http://aviadejavu.ru/Site/Crafts/Craft33150.htm
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/Site/js/jquery-1.5.1.min.js
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 7a393e9d296c3cebf5f4f0c00ba50e91578532530eff488fb533668c441fe2fe

Request headers

Accept: */*
Referer: http://aviadejavu.ru/
X-Requested-With: XMLHttpRequest
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Content-Type: text/html; charset=utf-8

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Content-Encoding: gzip
Last-Modified: Fri, 11 Sep 2020 17:29:39 GMT
Server: nginx/1.18.0
Transfer-Encoding: chunked
Upgrade: h2,h2c
Connection: keep-alive
Content-Type: text/html

GET
H3-Q050 200 googlelogo_color_150x54dp.png
www.google.com/images/branding/googlelogo/1x/ Frame 4A59 3 KB
3 KB 43ms
28ms Image
image/png 2a00:1450:4001:813::2004
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.google.com/images/branding/googlelogo/1x/googlelogo_color_150x54dp.png

Requested by

Host: apis.google.com
URL: https://apis.google.com/se/0/_/+1/fastbutton?usegapi=1&size=medium&hl=ru&origin=http%3A%2F%2Faviadejavu.ru&url=http%3A%2F%2Faviadejavu.ru%2F&gsrc=3p&ic=1&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::2004 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://apis.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
x-content-type-options: nosniff
last-modified: Tue, 22 Oct 2019 18:30:00 GMT
server: sffe
content-type: image/png
cache-control: private, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3170
x-xss-protection: 0
expires: Thu, 04 Mar 2021 14:19:04 GMT

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 73F3 69 KB
16 KB 560ms
559ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=193&slotname=9145582741&adk=3378118159&adf=2416289964&pi=t.ma~as.9145582741&w=772&lmt=1610437251&psa=0&format=772x193&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544424&bpp=13&bdt=302&idt=194&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Uglm81RnLk&p=http%3A//aviadejavu.ru&dtd=201

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ec39d61880ed1dd20638e96ead60ce039d5af166fff3d06c7c2d6d7b101796e3

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7014018936006909&output=html&h=193&slotname=9145582741&adk=3378118159&adf=2416289964&pi=t.ma~as.9145582741&w=772&lmt=1610437251&psa=0&format=772x193&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544424&bpp=13&bdt=302&idt=194&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Uglm81RnLk&p=http%3A//aviadejavu.ru&dtd=201
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://aviadejavu.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Mar 2021 14:19:05 GMT
server: cafe
content-length: 16173
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 04-Mar-2021 14:34:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Mar 2021 14:19:05 GMT
cache-control: private

GET
H3-Q050 200 ads Show response
googleads.g.doubleclick.net/pagead/ Frame 7B09 11 KB
1 KB 114ms
114ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&adk=1812271804&adf=3025194257&lmt=1610437251&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Faviadejavu.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614867544498&bpp=4&bdt=376&idt=151&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C772x193&nras=1&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=158

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

b3ac4203f675a8aff1dc0620d445b256bd58ecfb87cb0403df60525025a5f398

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/ads?client=ca-pub-7014018936006909&output=html&adk=1812271804&adf=3025194257&lmt=1610437251&plat=1%3A32776%2C2%3A32776%2C8%3A134217728%2C9%3A134250504%2C16%3A8388608%2C17%3A32%2C24%3A32%2C25%3A32%2C30%3A1081344%2C32%3A32&format=0x0&url=http%3A%2F%2Faviadejavu.ru%2F&ea=0&flash=0&pra=7&wgl=1&dt=1614867544498&bpp=4&bdt=376&idt=151&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90%2C772x193&nras=1&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=-12245933&ady=-12245933&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=2&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7Cs%7C&abl=NS&fu=8192&bc=23&ifi=3&uci=a!3&fsb=1&dtd=158
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://aviadejavu.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
timing-allow-origin: *
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: br
date: Thu, 04 Mar 2021 14:19:04 GMT
server: cafe
content-length: 816
x-xss-protection: 0
set-cookie: test_cookie=CheckForPermission; expires=Thu, 04-Mar-2021 14:34:04 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Mar 2021 14:19:04 GMT
cache-control: private

GET
H2 200 OqOE21UvWe3.png
www.facebook.com/rsrc.php/v3/y5/r/ Frame 46BA 400 B
700 B 6ms
5ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/rsrc.php/v3/y5/r/OqOE21UvWe3.png

Requested by

Host: www.facebook.com
URL: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: x/DJr50lesmE2PAtSCwOgH/hI9n4k/rl/wW+cHcNm2Ehp0sMJUx0DFJkqjpNKNvMSuqA+v5O3fBfVixLe70rJQ==
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: uF0RL4E+h23ClLQmPOTTMw==
date: Tue, 23 Feb 2021 07:27:59 GMT
content-type: image/png
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 400
x-fb-rlafr: 0
expires: Wed, 23 Feb 2022 07:27:59 GMT

GET
H2 200 Qh8v21OCrK9.js Show response
www.facebook.com/rsrc.php/v3iEpO4/ye/l/en_US/ Frame 46BA 478 KB
123 KB 6ms
5ms XHR
application/x-javascript 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to

Full URL

https://www.facebook.com/rsrc.php/v3iEpO4/ye/l/en_US/Qh8v21OCrK9.js?_nc_x=Ij3Wp8lg5Kz

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

c214d8a259978d8a932e57874a18fd3ea5a5cab6d980e12aebf3ed36edc09f49

Security Headers

Name	Value
X-Content-Type-Options	nosniff

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

x-fb-debug: q5qAxFtJcAgT/3dfiTNAAdL/52mNhCUgBTwMVtYVlaXIuY7Sg/joN5hwMEuqOifq451IkuZogJITODR7JHeFdg==
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Jan 2001 08:00:00 GMT
content-md5: 221eWLfUpmrIujCRkFrMzQ==
date: Thu, 04 Mar 2021 07:37:30 GMT
vary: Accept-Encoding
content-type: application/x-javascript; charset=utf-8
access-control-allow-origin: *
cache-control: public,max-age=31536000,immutable
cross-origin-resource-policy: cross-origin
timing-allow-origin: *
content-length: 126155
x-fb-rlafr: 0
expires: Fri, 04 Mar 2022 07:37:30 GMT

GET
H/1.1 200
OK 11-2.jpg
aviadejavu.ru/Images6m/FT/FT1920/01/ 6 KB
6 KB 60ms
59ms Image
image/jpeg 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aviadejavu.ru/Images6m/FT/FT1920/01/11-2.jpg
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: 1ed959da37d0d2b2d5914b05e48e1fa5ac5a6a4852f4f03993fe18bfb1e553de

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Sat, 17 Nov 2018 18:10:49 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 6114

GET
H/1.1 200
OK 11-3.jpg
aviadejavu.ru/Images6m/FT/FT1920/01/ 7 KB
7 KB 57ms
57ms Image
image/jpeg 109.94.209.30
ARVID-LOGICUM

General

Check archive.org

Show headers Download Go to Show image

Full URL: http://aviadejavu.ru/Images6m/FT/FT1920/01/11-3.jpg
Requested by: Host: aviadejavu.ru
URL: http://aviadejavu.ru/
Protocol: HTTP/1.1
Server: 109.94.209.30 , Estonia, ASN202376 (ARVID-LOGICUM, EE),
Reverse DNS: knight30.dns-panel.ru
Software: nginx/1.18.0 /
Resource Hash: e6e0920d3d95b17087f2b007f3c1204b02f51bfead9b49d2f6c86f9e48e73a42

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
Last-Modified: Sat, 17 Nov 2018 18:10:50 GMT
Server: nginx/1.18.0
Upgrade: h2,h2c
Connection: keep-alive
Accept-Ranges: bytes
Content-Type: image/jpeg
Content-Length: 6817

GET
H2 200 2038943760-postmessagerelay.js Show response
ssl.gstatic.com/accounts/o/ Frame 7191 10 KB
5 KB 33ms
12ms Script
text/javascript 2a00:1450:4001:82b::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://ssl.gstatic.com/accounts/o/2038943760-postmessagerelay.js

Requested by

Host: accounts.google.com
URL: https://accounts.google.com/o/oauth2/postmessageRelay?parent=http%3A%2F%2Faviadejavu.ru&jsh=m%3B%2F_%2Fscs%2Fapps-static%2F_%2Fjs%2Fk%3Doz.gapi.en_US._62Wsnwv-UM.O%2Fam%3DwQ%2Fd%3D1%2Fct%3Dzgms%2Frs%3DAGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw%2Fm%3D__features__

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:82b::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 13:56:29 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 22:59:50 GMT
server: sffe
age: 87755
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 4265
x-xss-protection: 0
expires: Thu, 03 Mar 2022 13:56:29 GMT

GET
H3-Q050 200 rpc:shindig_random.js Show response
apis.google.com/js/ Frame 7191 12 KB
5 KB 25ms
25ms Script
application/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/js/rpc:shindig_random.js?onload=init

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

1978a4ee69da239598bb125337b800e269f623839719a7da45e7f7cf2ba1a9bd

Security Headers

Name	Value
Content-Security-Policy	script-src 'report-sample' 'nonce-MpgbFc/rGMQGFmEWfYW8nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
x-ua-compatible: IE=edge, chrome=1
server: ESF
x-frame-options: SAMEORIGIN
etag: "c489adc86eb80e5d71f9e88a3dbbf731"
strict-transport-security: max-age=31536000
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=1800, stale-while-revalidate=1800
content-security-policy: script-src 'report-sample' 'nonce-MpgbFc/rGMQGFmEWfYW8nw' 'unsafe-inline' 'strict-dynamic' https: http: 'unsafe-eval';object-src 'none';base-uri 'self';report-uri /_/cspreport
timing-allow-origin: *
expires: Thu, 04 Mar 2021 14:19:04 GMT

GET
H2 200 cavalry_endpoint.php
www.facebook.com/common/ Frame 46BA 67 B
923 B 28ms
26ms Image
image/png 2a03:2880:f11c:8183:face:b00c:0:25de
FACEBOOK

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://www.facebook.com/common/cavalry_endpoint.php?t_cstart=1614867544658&t_start=1614867544658&t_domcontent=1614867544667&t_layout=1614867544720&t_onload=1614867544720&t_paint=1614867544720&t_creport=1614867544720&t_tti=1614867544667&lid=6935803288960373583-0

Requested by

Host: aviadejavu.ru
URL: http://aviadejavu.ru/

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a03:2880:f11c:8183:face:b00c:0:25de , United States, ASN32934 (FACEBOOK, US),

Reverse DNS

Software

Resource Hash

aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a

Security Headers

Name	Value
Content-Security-Policy	default-src facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com data: blob: 'self';script-src .facebook.com .fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com .facebook.com fbcdn.net .fbcdn.net fbsbx.com .fbsbx.com cdninstagram.com .cdninstagram.com;connect-src .facebook.com facebook.com .fbcdn.net wss://.facebook.com: attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
Strict-Transport-Security	max-age=15552000; preload
X-Content-Type-Options	nosniff
X-Frame-Options	DENY
X-Xss-Protection	0

Request headers

Referer: https://www.facebook.com/plugins/like.php?href=http%3A%2F%2Faviadejavu.ru&send=false&layout=button_count&width=135&show_faces=false&action=like&colorscheme=light&font&height=21
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

content-security-policy: default-src facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com data: blob: 'self';script-src *.facebook.com *.fbcdn.net 'unsafe-inline' 'unsafe-eval' blob: data: 'self';style-src data: blob: 'unsafe-inline' facebook.com *.facebook.com fbcdn.net *.fbcdn.net fbsbx.com *.fbsbx.com cdninstagram.com *.cdninstagram.com;connect-src *.facebook.com facebook.com *.fbcdn.net wss://*.facebook.com:* attachment.fbsbx.com blob: *.cdninstagram.com 'self' chrome-extension://boadgeojelhgndaghljhdicfkmllpafd chrome-extension://dliochdbjfkdbacpmhlcpmleaejidimm;block-all-mixed-content;upgrade-insecure-requests;report-uri https://www.facebook.com/csp/reporting/?m=c;
content-encoding: br
x-content-type-options: nosniff
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=3600,h3-27=":443"; ma=3600
x-fb-rlafr: 0
pragma: no-cache
x-fb-debug: phpnrt2WY1D6gxsAek3lxJ57AwA6TnuHuQXNQ5yk6I3RwL1QK3AuW4lJB7hJzcUzwdyW1Tsi/Mc0AvPddARmPg==
cross-origin-embedder-policy-report-only: require-corp;report-to="coep_report"
x-frame-options: DENY
date: Thu, 04 Mar 2021 14:19:04 GMT
strict-transport-security: max-age=15552000; preload
report-to: {"group":"coep_report","max_age":86400,"endpoints":[{"url":"https:\/\/www.facebook.com\/browser_reporting\/"}]}
content-type: image/png
vary: Accept-Encoding
cache-control: private, no-store, no-cache, must-revalidate
expires: Sat, 01 Jan 2000 00:00:00 GMT

GET
H3-Q050 200 cb=gapi.loaded_0 Show response
apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/ Frame 7191 51 KB
18 KB 8ms
8ms Script
text/javascript 2a00:1450:4001:801::200e
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://apis.google.com/_/scs/apps-static/_/js/k=oz.gapi.en_US._62Wsnwv-UM.O/m=rpc,shindig_random/rt=j/sv=1/d=1/ed=1/am=wQ/rs=AGLTcCP3ho00qv2vB9ExGbDMGLpNMMv4Vw/cb=gapi.loaded_0

Requested by

Host: apis.google.com
URL: https://apis.google.com/js/rpc:shindig_random.js?onload=init

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:801::200e Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

ef954292f81e61ddd5040cda76768e482ebd9d3540b6710cae559f520db49905

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://accounts.google.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 11:06:08 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Wed, 03 Feb 2021 23:33:57 GMT
server: sffe
age: 184376
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, immutable, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18054
x-xss-protection: 0
expires: Wed, 02 Mar 2022 11:06:08 GMT

GET
H2 200 lounge.c82b267b396dfbc10ae5113342115da8.css
c.disquscdn.com/next/embed/styles/ 0
22 KB 46ms
29ms Other
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Requested by

Host: aviadejavu.disqus.com
URL: http://aviadejavu.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71492
strict-transport-security: max-age=300; includeSubdomains
content-length: 22713
cf-request-id: 089f3453600000d6c9701fb000000001
timing-allow-origin: *
last-modified: Wed, 03 Mar 2021 01:20:39 GMT
server: cloudflare
etag: "603ee467-58b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 62abbccbcf58d6c9-FRA
x-amz-cf-id: 8iHhdnaJ5uIRYSyeUnp9kgCqelvQxggEWvWNZtCLHCvwamS-AeRHKw==
expires: Thu, 03 Mar 2022 18:27:32 GMT

GET
H2 200 common.bundle.90a60d500e3de29f162afaa4d877b73a.js
c.disquscdn.com/next/embed/ 0
93 KB 32ms
15ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.90a60d500e3de29f162afaa4d877b73a.js

Requested by

Host: aviadejavu.disqus.com
URL: http://aviadejavu.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 665633
strict-transport-security: max-age=300; includeSubdomains
content-length: 94782
cf-request-id: 089f3453610000d6c97d266000000001
timing-allow-origin: *
last-modified: Tue, 23 Feb 2021 19:13:31 GMT
server: cloudflare
etag: "603553db-1723e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 62abbccbcf5ad6c9-FRA
x-amz-cf-id: P48o1JC6vh_9vXvK1l7A4gZl4KcNJUxKTMWniCJmMyzMvQ2w_x97NQ==
expires: Thu, 24 Feb 2022 21:25:11 GMT

GET
H2 200 lounge.bundle.54cf549c270b597d5587d24486b38d71.js
c.disquscdn.com/next/embed/ 0
114 KB 38ms
22ms Other
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.54cf549c270b597d5587d24486b38d71.js

Requested by

Host: aviadejavu.disqus.com
URL: http://aviadejavu.disqus.com/embed.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1186055
strict-transport-security: max-age=300; includeSubdomains
content-length: 116865
cf-request-id: 089f3453610000d6c9c0a6c000000001
timing-allow-origin: *
last-modified: Thu, 18 Feb 2021 19:12:14 GMT
server: cloudflare
etag: "602ebc0e-1c881"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 62abbccbcf5dd6c9-FRA
x-amz-cf-id: WY7hPbT8FAY3vQGA8Ifg_-yNBPcsGB2ConfpUDiOA5gZCEBegG4T4A==
expires: Fri, 18 Feb 2022 20:51:22 GMT

GET
H/1.1 200
OK config.js
disqus.com/next/ 0
11 KB 71ms
21ms Other
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: aviadejavu.disqus.com
URL: http://aviadejavu.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:04 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 17
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11035
X-XSS-Protection: 1; mode=block

GET
H/1.1 200
OK / Show response
disqus.com/embed/comments/ Frame 8399 3 KB
2 KB 114ms
114ms Document
text/html 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/embed/comments/?base=default&f=aviadejavu&t_u=%2F%2Fcrimso.msk.ru&t_d=AviaDejaVu&t_t=AviaDejaVu&s_o=default

Requested by

Host: aviadejavu.disqus.com
URL: http://aviadejavu.disqus.com/embed.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

ee085a2e9f597d8781fc17c659f9a27d409015b91d4dc1b99f4aabf6826a10ae

Security Headers

Name	Value
Content-Security-Policy	script-src https://.twitter.com: https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://.services.disqus.com: https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Host: disqus.com
Connection: keep-alive
Pragma: no-cache
Cache-Control: no-cache
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
Sec-Fetch-Site: cross-site
Sec-Fetch-Mode: navigate
Sec-Fetch-Dest: iframe
Referer: http://aviadejavu.ru/
Accept-Encoding: gzip, deflate, br
Accept-Language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

Connection: keep-alive
Content-Length: 1157
Server: nginx
Content-Type: text/html; charset=utf-8
Content-Security-Policy: script-src https://*.twitter.com:* https://www.gstatic.com/recaptcha/ https://a.disquscdn.com https://c.disquscdn.com c.disquscdn.com https://*.services.disqus.com:* https://cdn.boomtrain.com/p13n/ https://apis.google.com https://cdn.syndication.twimg.com/tweets.json https://connect.facebook.net/en_US/sdk.js https://referrer.disqus.com/juggler/ 'unsafe-inline' https://com-disqus.netmng.com:* https://www.google.com/recaptcha/ https://cf.ignitionone.com:* https://disqus.com
Link: <https://c.disquscdn.com>;rel=preconnect,<https://c.disquscdn.com>;rel=dns-prefetch
Cache-Control: stale-if-error=3600, s-stalewhilerevalidate=3600, stale-while-revalidate=30, no-cache, must-revalidate, public, s-maxage=5
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Referrer-Policy: no-referrer-when-downgrade
Timing-Allow-Origin: *
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Encoding: gzip
Date: Thu, 04 Mar 2021 14:19:05 GMT
Age: 0
Vary: Accept-Encoding
Strict-Transport-Security: max-age=300; includeSubdomains

GET
H2 200 lounge.load.e8b0efe258bf9f12b462051b30f8a8cc.js Show response
c.disquscdn.com/next/embed/ Frame 8399 1 KB
1 KB 46ms
34ms Script
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.load.e8b0efe258bf9f12b462051b30f8a8cc.js

Requested by

Host: disqus.com
URL: https://disqus.com/embed/comments/?base=default&f=aviadejavu&t_u=%2F%2Fcrimso.msk.ru&t_d=AviaDejaVu&t_t=AviaDejaVu&s_o=default

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

4bc4b0f6fead62bc07c4de3855c60649fe19465fff6e76cd0cd032eed4feb9a0

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Origin: https://disqus.com
Referer: https://disqus.com/embed/comments/?base=default&f=aviadejavu&t_u=%2F%2Fcrimso.msk.ru&t_d=AviaDejaVu&t_t=AviaDejaVu&s_o=default
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71493
strict-transport-security: max-age=300; includeSubdomains
content-length: 535
cf-request-id: 089f345452000005cc50be9000000001
timing-allow-origin: *
last-modified: Wed, 03 Mar 2021 01:20:39 GMT
server: cloudflare
etag: "603ee467-217"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 62abbccd49e905cc-FRA
x-amz-cf-id: LwWBpQvQuAkE0nFtE8iKJhwJ84WAuaSqrhmQBgAHMkgSEKalg8erhA==
expires: Thu, 03 Mar 2022 18:27:32 GMT

GET
H3-Q050 200 css
fonts.googleapis.com/ Frame 970E 3 KB
1023 B 43ms
30ms Stylesheet
text/css 2a00:1450:4001:813::200a
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=90&slotname=9617814138&adk=3659215450&adf=3610118697&pi=t.ma~as.9617814138&w=728&lmt=1610437251&psa=0&format=728x90&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544376&bpp=13&bdt=254&idt=192&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4674764224833&frm=20&pv=2&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=860&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Jgr1fZfiL5&p=http%3A//aviadejavu.ru&dtd=207

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:813::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

ESF /

Resource Hash

c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e

Security Headers

Name	Value
Strict-Transport-Security	max-age=31536000
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

strict-transport-security: max-age=31536000
content-encoding: gzip
x-content-type-options: nosniff
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
x-xss-protection: 0
last-modified: Thu, 04 Mar 2021 13:14:17 GMT
server: ESF
date: Thu, 04 Mar 2021 14:19:05 GMT
x-frame-options: SAMEORIGIN
content-type: text/css; charset=utf-8
access-control-allow-origin: *
cache-control: private, max-age=86400, stale-while-revalidate=604800
timing-allow-origin: *
link: <https://fonts.gstatic.com>; rel=preconnect; crossorigin
expires: Thu, 04 Mar 2021 14:19:05 GMT

GET
H2 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 970E 2 KB
1002 B 32ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 14:13:35 GMT

GET
H2 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/ Frame 970E 18 KB
7 KB 28ms
7ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/abg_lite_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dba8373b77d5f4fe9610ef894b1f473168b17582506353d3d88939277b271a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 16808423653712541117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 14:17:34 GMT

GET
H2 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 970E 3 KB
2 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 14:18:20 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 970E 110 KB
34 KB 46ms
31ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Thu, 04 Mar 2021 14:19:05 GMT

GET
H2 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 970E 14 KB
6 KB 26ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 14:18:39 GMT

GET
H3-Q050 200 1e8eaeef6431cb6de349a68674062a29.js Show response
www.gstatic.com/mysidia/ Frame 970E 26 KB
11 KB 35ms
22ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/1e8eaeef6431cb6de349a68674062a29.js?tag=mysidia_one_click_handler_one_afma_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:36:16 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 05:48:51 GMT
server: sffe
age: 459769
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 10971
x-xss-protection: 0
expires: Fri, 28 May 2021 06:36:16 GMT

GET
H2 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/1006756583628856564/ Frame 970E 1 KB
1 KB 26ms
11ms Image
image/png 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/1006756583628856564/downsize_200k_v1?w=100&h=100

Requested by

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c4e13b675150973ba2454260044d6d1482f83150e3d38ac483e19a888464fcfc

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 18:52:43 GMT
x-content-type-options: nosniff
age: 242782
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1190
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 21:15:35 GMT
server: sffe
content-type: image/png
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Tue, 01 Mar 2022 18:52:43 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 970E 0
0 46ms
43ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CRNk6WOxAYMK9JpCobMeUkJgM2735gmG3gPqk-Ayo4PDAryAQASDv3YojYJUCoAH_24rIA8gBAagDAaoExgFP0NND6A8ExQqhlJA-DFaImdRIyX8ottn4V07ngcJ97OYWzhlbr-CHSQ0_btFVDlLgBNtE73imgvmHUwlaxTP9TQ0XTUXjFKblcUQVnvZyLvyVjdqYLbIK4Qc048kgRCGdGYcAoIU6QvJSAwN5_kZzVoTg-nc-LPzhq7bC21b4H2VAh6OgvPbTAgGQqv60DP4XtqjeLauE33xK_kTanti1mtTUokXXv6JGvPmSdDlNFmtdq4wDmjmhFLNXoEwSydI8gzXYHDfABLvJgvjCA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBgAfw7qyiAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfw4BuoB-6WsQKoB6a-G6gH7NUb2AcB8gcEEP2LAdIICQiA4YAQEAEYH4AKAcgLAdgTDLIXGgoYCAASFHB1Yi03MDE0MDE4OTM2MDA2OTA5&sigh=Ezi3sdDw5N8&template_id=5001&tpd=AGWhJmuNEzrcPitPe2jz7_ErAij3XvsZsWDCENOEPiekalBqoQ

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=90&slotname=9617814138&adk=3659215450&adf=3610118697&pi=t.ma~as.9617814138&w=728&lmt=1610437251&psa=0&format=728x90&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544376&bpp=13&bdt=254&idt=192&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4674764224833&frm=20&pv=2&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=860&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Jgr1fZfiL5&p=http%3A//aviadejavu.ru&dtd=207
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Mar 2021 14:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cache-control: private
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Thu, 04 Mar 2021 14:19:05 GMT

GET
H3-Q050 200 s Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 19F0 143 B
220 B 6ms
6ms Document
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/s?v=r20120211
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: same-origin
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=90&slotname=9617814138&adk=3659215450&adf=3610118697&pi=t.ma~as.9617814138&w=728&lmt=1610437251&psa=0&format=728x90&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544376&bpp=13&bdt=254&idt=192&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4674764224833&frm=20&pv=2&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=860&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Jgr1fZfiL5&p=http%3A//aviadejavu.ru&dtd=207
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: test_cookie=CheckForPermission
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=90&slotname=9617814138&adk=3659215450&adf=3610118697&pi=t.ma~as.9617814138&w=728&lmt=1610437251&psa=0&format=728x90&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544376&bpp=13&bdt=254&idt=192&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&correlator=4674764224833&frm=20&pv=2&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=860&ady=57&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=%7C%7ClE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=1&uci=a!1&fsb=1&xpc=Jgr1fZfiL5&p=http%3A//aviadejavu.ru&dtd=207

Response headers

content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
content-encoding: gzip
date: Thu, 04 Mar 2021 13:34:33 GMT
server: safe
content-length: 145
x-xss-protection: 0
cache-control: public, max-age=3600
age: 2672
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H2 200 common.bundle.90a60d500e3de29f162afaa4d877b73a.js Show response
c.disquscdn.com/next/embed/ Frame 8399 282 KB
93 KB 19ms
19ms Script
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/common.bundle.90a60d500e3de29f162afaa4d877b73a.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/lounge.load.e8b0efe258bf9f12b462051b30f8a8cc.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

baad5a7d7e3c84cbd59b7ac129ecbbae3749e3239bb91ec7f4869ccbbbea2011

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=aviadejavu&t_u=%2F%2Fcrimso.msk.ru&t_d=AviaDejaVu&t_t=AviaDejaVu&s_o=default
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 665634
strict-transport-security: max-age=300; includeSubdomains
content-length: 94782
cf-request-id: 089f34548f0000d6c981b94000000001
timing-allow-origin: *
last-modified: Tue, 23 Feb 2021 19:13:31 GMT
server: cloudflare
etag: "603553db-1723e"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 62abbccda97dd6c9-FRA
x-amz-cf-id: P48o1JC6vh_9vXvK1l7A4gZl4KcNJUxKTMWniCJmMyzMvQ2w_x97NQ==
expires: Thu, 24 Feb 2022 21:25:11 GMT

GET
H3-Q050 200 73364564117340634a3578c276133d1b.js Show response
www.gstatic.com/mysidia/ Frame 73F3 7 KB
3 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/73364564117340634a3578c276133d1b.js?tag=client_fast_engine_2019

Requested by

Host: googleads.g.doubleclick.net
URL: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=193&slotname=9145582741&adk=3378118159&adf=2416289964&pi=t.ma~as.9145582741&w=772&lmt=1610437251&psa=0&format=772x193&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544424&bpp=13&bdt=302&idt=194&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Uglm81RnLk&p=http%3A//aviadejavu.ru&dtd=201

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c27ad5ff9062de09eb9d1c3a0fdbf9aa1ad0d28f8a5ec1f90f067c10117e67ed

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Mon, 01 Mar 2021 10:40:58 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 05:48:51 GMT
server: sffe
age: 272287
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3004
x-xss-protection: 0
expires: Sun, 30 May 2021 10:40:58 GMT

GET
H3-Q050 200 load_preloaded_resource_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 73F3 2 KB
992 B 31ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/load_preloaded_resource_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:13:35 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 330
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 896
x-xss-protection: 0
server: cafe
etag: 948078048762640732
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 14:13:35 GMT

GET
H3-Q050 200 0e24be92f84fdd781809bff6c25e35f6.js Show response
www.gstatic.com/mysidia/ Frame 73F3 18 KB
8 KB 6ms
6ms Script
text/javascript 2a00:1450:4001:802::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.gstatic.com/mysidia/0e24be92f84fdd781809bff6c25e35f6.js?tag=exit_2019

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

10137f4ee9d49a1cff0832bc15faa9a752754455f05ea4051369114cede70259

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 22:21:04 GMT
content-encoding: gzip
x-content-type-options: nosniff
last-modified: Thu, 25 Feb 2021 05:48:51 GMT
server: sffe
age: 143881
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=7776000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7867
x-xss-protection: 0
expires: Mon, 31 May 2021 22:21:04 GMT

GET
H3-Q050 200 abg_lite_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/ Frame 73F3 18 KB
7 KB 30ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/abg_lite_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

dba8373b77d5f4fe9610ef894b1f473168b17582506353d3d88939277b271a82

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:17:34 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 91
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7378
x-xss-protection: 0
server: cafe
etag: 16808423653712541117
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 14:17:34 GMT

GET
H3-Q050 200 window_focus_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 73F3 3 KB
2 KB 7ms
6ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/window_focus_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:18:20 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 45
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 1546
x-xss-protection: 0
server: cafe
etag: 8852521427838746165
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 14:18:20 GMT

GET
H3-Q050 200 rx_lidar.js Show response
www.googletagservices.com/activeview/js/current/ Frame 73F3 110 KB
33 KB 15ms
14ms Script
text/javascript 2a00:1450:4001:828::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:828::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1614774766775808"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 34192
x-xss-protection: 0
expires: Thu, 04 Mar 2021 14:19:05 GMT

GET
H3-Q050 200 qs_click_protection_fy2019.js Show response
tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/ Frame 73F3 14 KB
6 KB 29ms
12ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/pagead/js/r20210302/r20110914/client/qs_click_protection_fy2019.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:18:39 GMT
content-encoding: gzip
x-content-type-options: nosniff
age: 26
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6139
x-xss-protection: 0
server: cafe
etag: 4905056106247604317
vary: Accept-Encoding, Origin
content-type: text/javascript; charset=UTF-8
cache-control: public, max-age=1209600
timing-allow-origin: *
expires: Thu, 18 Mar 2021 14:18:39 GMT

GET
DATA 200
OK truncated
/ Frame 970E 210 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: 4ec83995bfd2309254a85befc0caf11908e3cf4fc5cc8f73366ca21e7860f1ca

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H3-Q050 200 4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 970E 14 KB
15 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UabrENHsxJlGDuGo1OIlLU94YtzCwZsPF4o.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sat, 27 Feb 2021 06:32:14 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:17 GMT
server: sffe
age: 460011
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14816
x-xss-protection: 0
expires: Sun, 27 Feb 2022 06:32:14 GMT

GET
H3-Q050 200 4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2
fonts.gstatic.com/s/googlesans/v27/ Frame 970E 14 KB
14 KB 6ms
6ms Font
font/woff2 2a00:1450:4001:803::2003
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://fonts.gstatic.com/s/googlesans/v27/4UaGrENHsxJlGDuGo1OIlL3Owp5eKQtG.woff2

Requested by

Host: fonts.googleapis.com
URL: https://fonts.googleapis.com/css?family=Google%20Sans%3A400%2C500

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:803::2003 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Origin: https://googleads.g.doubleclick.net
Referer: https://fonts.googleapis.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Sun, 28 Feb 2021 15:30:54 GMT
x-content-type-options: nosniff
last-modified: Wed, 11 Nov 2020 20:26:06 GMT
server: sffe
age: 341291
content-type: font/woff2
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 14608
x-xss-protection: 0
expires: Mon, 28 Feb 2022 15:30:54 GMT

GET
H3-Q050 200 downsize_200k_v1
tpc.googlesyndication.com/simgad/12003354136411495845/ Frame 73F3 4 KB
4 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/simgad/12003354136411495845/downsize_200k_v1?w=195&h=102

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

c556c5b34285e0e5c5c1514fee3c8a520dda9e53844e64166dba98d7a91e4e5a

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 25 Feb 2021 23:44:05 GMT
x-content-type-options: nosniff
age: 570900
x-dns-prefetch-control: off
cross-origin-resource-policy: cross-origin
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 3900
x-xss-protection: 0
last-modified: Mon, 14 Dec 2020 21:22:07 GMT
server: sffe
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
accept-ranges: bytes
timing-allow-origin: *
expires: Fri, 25 Feb 2022 23:44:05 GMT

GET
H3-Q050 200 16560435704738928432
tpc.googlesyndication.com/icore_images/ Frame 73F3 18 KB
18 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/16560435704738928432

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

fba5c0a661b19d494c228f97fc1742dd09351113038f100dc73df09c5f067a2f

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 06:46:16 GMT
x-content-type-options: nosniff
last-modified: Wed, 21 Aug 2019 04:09:37 GMT
server: sffe
age: 27169
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 18386
x-xss-protection: 0
expires: Fri, 04 Mar 2022 06:46:16 GMT

GET
H3-Q050 200 13642756832656084715
tpc.googlesyndication.com/icore_images/ Frame 73F3 7 KB
7 KB 14ms
13ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/13642756832656084715

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

161d02cbbcbf83d12d0b9865720afeec1752da7e1c1a567915d2d1be180ff44c

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Tue, 02 Mar 2021 15:04:41 GMT
x-content-type-options: nosniff
last-modified: Tue, 11 Feb 2020 14:17:26 GMT
server: sffe
age: 170064
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 7147
x-xss-protection: 0
expires: Wed, 02 Mar 2022 15:04:41 GMT

GET
H3-Q050 200 9466071326453832532
tpc.googlesyndication.com/icore_images/ Frame 73F3 11 KB
12 KB 15ms
14ms Image
image/jpeg 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://tpc.googlesyndication.com/icore_images/9466071326453832532

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

3d569eeefef9a575aabff98133e48a200745e6a6e56ef45161c6d1e25f02946d

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 07:54:01 GMT
x-content-type-options: nosniff
last-modified: Tue, 03 Nov 2020 02:49:22 GMT
server: sffe
age: 23104
content-type: image/jpeg
access-control-allow-origin: *
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
timing-allow-origin: *
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 11705
x-xss-protection: 0
expires: Fri, 04 Mar 2022 07:54:01 GMT

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 73F3 0
0 43ms
42ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=Ck9tCWOxAYPmBKMaNb97Mk7AG2735gmG3gPqk-Ayo4PDAryAQASDv3YojKARglQKgAf_bisgDyAEGqAMByAMCqgTKAU_Qte_e3n7SLrzeYxzPa9XHEM8UB0u0CDBE-twjS5kuSwPpnWn47acXascKdxWjxe8kCz9ZVo7D-iqUHd-KUWygjZI_wpD3-kfF669s3uMAWRC0B5v6rYs0RQ5TO-LCUbMb4LF_OzSeYUVZZWoUuhTVtOk56W9ixCtZGhomfel8sAO00kLeGEhnWOnK-i91AOa3q7NHHygZp3LIhCrE8bopPEj-zMaK4_BzwlqSDYxmOkJDljSweh3OKdACA0bDYCC517rZL6mkTC_ABLvJgvjCA5IFBAgEGAGSBQQIBRgEkgUECAUYGJIFBQgFGKgBoAY3gAfw7qyiAqgH1ckbqAfw2RuoB_LZG6gHjs4bqAeT2BuoB7oGqAfulrECqAemvhuoB-zVG9gHAfIHAxDuS9IICQiA4YAQEAEYH4AKAcgLAcITBhj_24rIA9gTDLIXGgoYCAASFHB1Yi03MDE0MDE4OTM2MDA2OTA5&sigh=Rinn-Mc9l54&template_id=492&tpd=AGWhJms3K8hYcyJ6Z7SW0nkrAtSy6uei7e93-nNwRW_HJ2pZug

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=193&slotname=9145582741&adk=3378118159&adf=2416289964&pi=t.ma~as.9145582741&w=772&lmt=1610437251&psa=0&format=772x193&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544424&bpp=13&bdt=302&idt=194&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Uglm81RnLk&p=http%3A//aviadejavu.ru&dtd=201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Mar 2021 14:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 73F3 0
0 45ms
44ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CFJrvWOxAYPmBKMaNb97Mk7AGpdWdsQWN3MK6nwKmnq2NaxACIO_diiMoBGCVAsgBAagDAcgDAqoEqQFP0GZ11_5_WC8DvhgU2GbRyRTTAF9M78BE-czsJgSab0ng21IAmfGjWTXSRC4dtMjrKg8jTQ6JmKe_uv8eipCGpoOZYXCpbAqsdy5Oh2p28LITBQQzDBmIwEYOpjijd1Kz7-Oxijo1K2JFrGZq4bsUALfpzOpvl8cpjBka037pibMDQdFCKxtIklvrP_kvgAPmQqizshwo7KRyPYcrJPdnPoR-HstP_WFXwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ7kvSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItNzAxNDAxODkzNjAwNjkwOQ&sigh=V2xuOWbvlK0&tpd=AGWhJmuu1RoNvJFSprHATQG8G0X6U2A_f4RbQsURMZfjXslwAw

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=193&slotname=9145582741&adk=3378118159&adf=2416289964&pi=t.ma~as.9145582741&w=772&lmt=1610437251&psa=0&format=772x193&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544424&bpp=13&bdt=302&idt=194&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Uglm81RnLk&p=http%3A//aviadejavu.ru&dtd=201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Mar 2021 14:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 73F3 0
0 45ms
44ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=C39pqWOxAYPmBKMaNb97Mk7AGpdWdsQWN3MK6nwKmnq2NaxADIO_diiMoBGCVAsgBAagDAcgDAqoEqQFP0GZ11v5_WC8DvhgU2GbRyRTTAF9M78BE-czsJgSab0ng21IAmfGjWTXSRC4dtMjrKg8jTQ6JmKe_uv8eipCGpoOZYXCpbAqsdy5Oh2p28LITBQQzDBmIwEYOpjijd1Kz7-Oxijo1K2JFrGZq4bsUALfpzOpvl8cpjBka037pibMDQdFCKxtIklvrP_kvgAPmQqizshwo7KRyPYcrJPdnPoR-HstP_WFXwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ7kvSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItNzAxNDAxODkzNjAwNjkwOQ&sigh=G9pNjP2jUkE&tpd=AGWhJmtY-7br4KOV9i2TbfmwcPJvKToHllWw0MqbKwmOHm8jXA

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=193&slotname=9145582741&adk=3378118159&adf=2416289964&pi=t.ma~as.9145582741&w=772&lmt=1610437251&psa=0&format=772x193&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544424&bpp=13&bdt=302&idt=194&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Uglm81RnLk&p=http%3A//aviadejavu.ru&dtd=201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Mar 2021 14:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
H3-Q050 200 adview
googleads.g.doubleclick.net/pagead/ Frame 73F3 0
0 44ms
43ms Fetch
text/html 2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/adview?ai=CF2_DWOxAYPmBKMaNb97Mk7AGpdWdsQWN3MK6nwKmnq2NaxAEIO_diiMoBGCVAsgBAagDAcgDAqoEqQFP0GZ10f5_WC8DvhgU2GbRyRTTAF9M78BE-czsJgSab0ng21IAmfGjWTXSRC4dtMjrKg8jTQ6JmKe_uv8eipCGpoOZYXCpbAqsdy5Oh2p28LITBQQzDBmIwEYOpjijd1Kz7-Oxijo1K2JFrGZq4bsUALfpzOpvl8cpjBka037pibMDQdFCKxtIklvrP_kvgAPmQqizshwo7KRyPYcrJPdnPoR-HstP_WFXwASlwMuKNJIFBAgaGASgBkXABguAB-X34jWoB9XJG6gH8NkbqAfy2RuoB47OG6gHk9gbqAe6BqgH7paxAqgHpr4bqAfs1RvYBwHyBwMQ7kvSCAkIgOGAEBABGB-ACgHICwGyFxoKGAgAEhRwdWItNzAxNDAxODkzNjAwNjkwOQ&sigh=fC9KppyxadU&tpd=AGWhJmt-iq5YeEe-i-RITRNlOT7L2YpjEoXJi7iq5PPChFWAKg

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

Security Headers

Name	Value
Content-Security-Policy	script-src 'none'; object-src 'none'
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/pagead/ads?client=ca-pub-7014018936006909&output=html&h=193&slotname=9145582741&adk=3378118159&adf=2416289964&pi=t.ma~as.9145582741&w=772&lmt=1610437251&psa=0&format=772x193&url=http%3A%2F%2Faviadejavu.ru%2F&flash=0&wgl=1&dt=1614867544424&bpp=13&bdt=302&idt=194&shv=r20210302&cbv=r20190131&ptt=9&saldr=aa&abxe=1&prev_fmts=728x90&correlator=4674764224833&frm=20&pv=1&ga_vid=643711810.1614867545&ga_sid=1614867545&ga_hid=713695986&ga_fc=0&u_tz=60&u_his=2&u_java=0&u_h=1200&u_w=1600&u_ah=1200&u_aw=1600&u_cd=24&u_nplug=0&u_nmime=0&adx=10&ady=815&biw=1600&bih=1200&scr_x=0&scr_y=0&eid=21066433&oid=3&pvsid=1334287086877312&rx=0&eae=0&fc=896&brdim=0%2C0%2C0%2C0%2C1600%2C0%2C1600%2C1200%2C1600%2C1200&vis=1&rsz=o%7C%7CeE%7C&abl=CS&pfx=0&fu=8192&bc=23&ifi=2&uci=a!2&fsb=1&xpc=Uglm81RnLk&p=http%3A//aviadejavu.ru&dtd=201
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
content-security-policy: script-src 'none'; object-src 'none'
x-content-type-options: nosniff
server: cafe
date: Thu, 04 Mar 2021 14:19:05 GMT
p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
cross-origin-resource-policy: cross-origin
content-type: text/html; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0

GET
DATA 200
OK truncated
/ Frame 73F3 219 B
0 Image
image/png

General

Check archive.org

Show headers Download Go to Show image

Full URL: data:truncated
Protocol: DATA
Server: -, , ASN (),
Reverse DNS
Software: /
Resource Hash: ceda176129f726613d72fadf7bc96c7ac92dc811cb7011ebb77ec8e44a2c734a

Request headers

Referer
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Content-Type: image/png

GET
H2 200 lounge.c82b267b396dfbc10ae5113342115da8.css
c.disquscdn.com/next/embed/styles/ Frame 8399 126 KB
22 KB 13ms
13ms Stylesheet
text/css 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/styles/lounge.c82b267b396dfbc10ae5113342115da8.css

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.90a60d500e3de29f162afaa4d877b73a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

20b6097504aed42f81fd7492b0e20ee87c7e7d8f9e0a367081741ec0c405f740

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=aviadejavu&t_u=%2F%2Fcrimso.msk.ru&t_d=AviaDejaVu&t_t=AviaDejaVu&s_o=default
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 71493
strict-transport-security: max-age=300; includeSubdomains
content-length: 22713
cf-request-id: 089f3455590000d6c9d9026000000001
timing-allow-origin: *
last-modified: Wed, 03 Mar 2021 01:20:39 GMT
server: cloudflare
etag: "603ee467-58b9"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: text/css; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA56-C2
accept-ranges: bytes
cf-ray: 62abbccefaaed6c9-FRA
x-amz-cf-id: 8iHhdnaJ5uIRYSyeUnp9kgCqelvQxggEWvWNZtCLHCvwamS-AeRHKw==
expires: Thu, 03 Mar 2022 18:27:32 GMT

GET
H3-Q050 200 sodar Show response
pagead2.googlesyndication.com/getconfig/ 8 KB
7 KB 45ms
32ms XHR
application/json 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/getconfig/sodar?sv=200&tid=gda&tv=r20210302&st=env

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

5afe8cd08739c4ec84d9ed513294514e2c5090622420c506387d8ffb39c64231

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

timing-allow-origin: *
date: Thu, 04 Mar 2021 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: cafe
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: private
cross-origin-resource-policy: cross-origin
content-disposition: attachment; filename="f.txt"
content-type: application/json; charset=UTF-8
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6557
x-xss-protection: 0

GET
H2 200 lounge.bundle.54cf549c270b597d5587d24486b38d71.js Show response
c.disquscdn.com/next/embed/ Frame 8399 452 KB
114 KB 15ms
15ms Script
application/javascript 2606:4700::6812:a913
CLOUDFLARENET

General

Check archive.org

Show headers Download Go to

Full URL

https://c.disquscdn.com/next/embed/lounge.bundle.54cf549c270b597d5587d24486b38d71.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.90a60d500e3de29f162afaa4d877b73a.js

Protocol

Security

TLS 1.3, , AES_128_GCM

Server

2606:4700::6812:a913 , United States, ASN13335 (CLOUDFLARENET, US),

Reverse DNS

Software

cloudflare /

Resource Hash

b484e8986a3a987e1d19988254ba48ad51b9adba23a2baff157b93fab401b7e7

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=aviadejavu&t_u=%2F%2Fcrimso.msk.ru&t_d=AviaDejaVu&t_t=AviaDejaVu&s_o=default
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
cf-cache-status: HIT
age: 1186056
strict-transport-security: max-age=300; includeSubdomains
content-length: 116865
cf-request-id: 089f3455650000d6c98888c000000001
timing-allow-origin: *
last-modified: Thu, 18 Feb 2021 19:12:14 GMT
server: cloudflare
etag: "602ebc0e-1c881"
expect-ct: max-age=604800, report-uri="https://report-uri.cloudflare.com/cdn-cgi/beacon/expect-ct"
vary: Accept-Encoding
content-type: application/javascript; charset=utf-8
access-control-allow-origin: *
x-xss-protection: 1; mode=block
cache-control: max-age=31536000, public, immutable, no-transform
x-amz-cf-pop: FRA6-C1
accept-ranges: bytes
cf-ray: 62abbccf0ac8d6c9-FRA
x-amz-cf-id: WY7hPbT8FAY3vQGA8Ifg_-yNBPcsGB2ConfpUDiOA5gZCEBegG4T4A==
expires: Fri, 18 Feb 2022 20:51:22 GMT

GET
H/1.1 200
OK config.js Show response
disqus.com/next/ Frame 8399 11 KB
11 KB 22ms
21ms Script
application/javascript 151.101.128.134
FASTLY

General

Check archive.org

Show headers Download Go to

Full URL

https://disqus.com/next/config.js

Requested by

Host: c.disquscdn.com
URL: https://c.disquscdn.com/next/embed/common.bundle.90a60d500e3de29f162afaa4d877b73a.js

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.128.134 , United States, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

1e1c822470d325b38fd87240b73a521e02494e6edd6fb2d6a4dfe6d6753a1dcb

Security Headers

Name	Value
Strict-Transport-Security	max-age=300; includeSubdomains
X-Content-Type-Options	nosniff
X-Frame-Options	SAMEORIGIN
X-Xss-Protection	1; mode=block

Request headers

Referer: https://disqus.com/embed/comments/?base=default&f=aviadejavu&t_u=%2F%2Fcrimso.msk.ru&t_d=AviaDejaVu&t_t=AviaDejaVu&s_o=default
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
X-Content-Type-Options: nosniff
Content-Type: application/javascript; charset=UTF-8
Server: nginx
Age: 17
X-Frame-Options: SAMEORIGIN
Strict-Transport-Security: max-age=300; includeSubdomains
p3p: CP="DSP IDC CUR ADM DELi STP NAV COM UNI INT PHY DEM"
Access-Control-Allow-Origin: *
Cache-Control: public, stale-while-revalidate=300, s-stalewhilerevalidate=3600, max-age=60
Connection: keep-alive
Timing-Allow-Origin: *
Content-Length: 11035
X-XSS-Protection: 1; mode=block

GET
H3-Q050

200

si Show response
googleads.g.doubleclick.net/pagead/drt/ Frame 19F0
Redirect Chain

https://www.google.com/pagead/drt/ui
https://googleads.g.doubleclick.net/pagead/drt/si

0
110 B

15ms
14ms

Document
text/html

2a00:1450:4001:802::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://googleads.g.doubleclick.net/pagead/drt/si

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:802::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

safe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: googleads.g.doubleclick.net
:scheme: https
:path: /pagead/drt/si
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: https://googleads.g.doubleclick.net/
accept-encoding: gzip, deflate, br
accept-language: en-US
cookie: IDE=AHWqTUlYv4YyufOl2WKJTgWfW3aLAfCA9CSNYUjnDpIOUNshzJKLSHhygxbREYq26z4
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: https://googleads.g.doubleclick.net/pagead/drt/s?v=r20120211

Response headers

p3p: policyref="https://googleads.g.doubleclick.net/pagead/gcn_p3p_.xml", CP="CURa ADMa DEVa TAIo PSAo PSDo OUR IND UNI PUR INT DEM STA PRE COM NAV OTC NOI DSP COR"
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 04 Mar 2021 14:19:05 GMT
server: safe
content-length: 0
x-xss-protection: 0
set-cookie: DSID=NO_DATA; expires=Thu, 04-Mar-2021 15:19:05 GMT; path=/; domain=.doubleclick.net; Secure; HttpOnly; SameSite=none
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
expires: Thu, 04 Mar 2021 14:19:05 GMT
cache-control: private

Redirect headers

location: https://googleads.g.doubleclick.net/pagead/drt/si
cache-control: private
content-type: text/html; charset=UTF-8
x-content-type-options: nosniff
date: Thu, 04 Mar 2021 14:19:05 GMT
server: safe
content-length: 246
x-xss-protection: 0
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 sodar2.js Show response
tpc.googlesyndication.com/sodar/ 17 KB
6 KB 14ms
14ms Script
text/javascript 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2.js

Requested by

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Thu, 04 Mar 2021 14:19:05 GMT
content-encoding: gzip
x-content-type-options: nosniff
server: sffe
etag: "1611170586013198"
vary: Accept-Encoding
content-type: text/javascript
cache-control: private, max-age=3000
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 6403
x-xss-protection: 0
expires: Thu, 04 Mar 2021 14:19:05 GMT

GET
H/1.1 200
OK stat.gif
referrer.disqus.com/juggler/ 43 B
295 B 196ms
120ms Image
image/gif 151.101.12.134
FASTLY

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://referrer.disqus.com/juggler/stat.gif?event=failed_embed.server.15

Protocol

HTTP/1.1

Security

TLS 1.2, ECDHE_RSA, AES_128_GCM

Server

151.101.12.134 Frankfurt am Main, Germany, ASN54113 (FASTLY, US),

Reverse DNS

Software

nginx /

Resource Hash

cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	1; mode=block

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

Date: Thu, 04 Mar 2021 14:19:05 GMT
X-Content-Type-Options: nosniff
Last-Modified: Mon, 28 Sep 1970 06:00:00 GMT
Server: nginx
Content-Type: image/gif
Connection: keep-alive
Content-Length: 43
X-XSS-Protection: 1; mode=block

GET
H3-Q050 200 runner.html Show response
tpc.googlesyndication.com/sodar/sodar2/221/ Frame 691A 12 KB
5 KB 7ms
7ms Document
text/html 2a00:1450:4001:809::2001
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2.js

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2001 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

:method: GET
:authority: tpc.googlesyndication.com
:scheme: https
:path: /sodar/sodar2/221/runner.html
pragma: no-cache
cache-control: no-cache
upgrade-insecure-requests: 1
user-agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9
sec-fetch-site: cross-site
sec-fetch-mode: navigate
sec-fetch-dest: iframe
referer: http://aviadejavu.ru/
accept-encoding: gzip, deflate, br
accept-language: en-US
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
Referer: http://aviadejavu.ru/

Response headers

accept-ranges: bytes
vary: Accept-Encoding
content-encoding: gzip
content-type: text/html
cross-origin-resource-policy: cross-origin
content-length: 4984
date: Thu, 04 Mar 2021 13:54:38 GMT
expires: Fri, 04 Mar 2022 13:54:38 GMT
last-modified: Tue, 08 Dec 2020 21:41:15 GMT
x-content-type-options: nosniff
server: sffe
x-xss-protection: 0
cache-control: public, max-age=31536000
age: 1467
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"

GET
H3-Q050 200 Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js Show response
pagead2.googlesyndication.com/bg/ Frame 691A 14 KB
6 KB 47ms
32ms Script
text/javascript 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/bg/Q9MKgAIr8xj9wBMLW1buCS1LNKSoLAVOfjIlinQ2UMU.js

Requested by

Host: tpc.googlesyndication.com
URL: https://tpc.googlesyndication.com/sodar/sodar2/221/runner.html

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

sffe /

Resource Hash

43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://tpc.googlesyndication.com/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

date: Wed, 03 Mar 2021 14:48:24 GMT
content-encoding: br
x-content-type-options: nosniff
last-modified: Mon, 01 Mar 2021 10:45:00 GMT
server: sffe
age: 84641
vary: Accept-Encoding
content-type: text/javascript
cache-control: public, max-age=31536000
cross-origin-resource-policy: cross-origin
accept-ranges: bytes
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 5643
x-xss-protection: 0
expires: Thu, 03 Mar 2022 14:48:24 GMT

GET
H3-Q050 204 gen_204
pagead2.googlesyndication.com/pagead/ 0
224 B 42ms
41ms Image
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to Show image

Full URL

https://pagead2.googlesyndication.com/pagead/gen_204?id=sodar2&v=221&t=2&li=gda_r20210302&jk=1334287086877312&bg=!SEulSwjNAAWsVXnBrDsAKQB2-Dxai4iYSekZrlB7QlcGgTMgdXAZFfNk_ya-Lg3J03RT5q0bXU4BAgAAAHBSAAAACWgBBwoBRwz91qOaP4ym7yMGk6kMC51iYeX3aawtjb3i2DiKOjfEKvA5KhcuZBnaDI-U55xGt1XGY2-Va5Xsix0CvfjL2w859HSdk_uNQsN4YcylqJkogBA4M7qeSFK0AXt9DeBazkxiiuE9pIK-lKad2FmeTBm29IQEfrnp5gpDal0wgYLahe0NYcGpM_psSapg-AvtEE2KaGwWZaZZdR9zFH3v1wkUkquT1X3acNHPVQalFKxkfgCQ2cmt4gGhl2GydIBtHsv2FVxYPZjg3d361F6-CvmDnguaKqQ0DY9qcS_4ILZupJWJlxLSUEWerf4ZxDhnOblKYDnCLCOSzxo4aEGeYDySJHpFwLATOuooALy50JSdYWPaqiM6qdFmKUVq2z5wYvN9z_FFNDCDDg4fIKcnQpD5ogCyLXFNR9csEKxcYVqXnnAChkCr65kByrYoEIoGdKGjFDUVZfLDOD-hJCj5k4leMXlZkTAEwVvMeAtfcvOb9JAHgl1VsdUkrSLUrosgqeEul2ld2qUG_bk-ej5HZbsdQa3NKB6WUGp2LrsVqOY_ubhQsDIDeXcm_A_1ZfQqk3_jSI7JDnyuTUgqVNaRX1C5JaxgVEJrKu1AAIiuzHH_Cxw-XJThFGzCaOL4uC38TL_wioPq1vvxj2QaTLG-TthaU81rHmRxRpeGyDrYR4tAj_StZwk1CHotIs2Szhw52aOAvmf944zYmGMGrsOItrQEbxIg5tiviaLAdbm2L4OFrjbub9ziFgnkD1PmuiHmvKI-orZltpX1yAekG99Q8RyqfMUt7yow-vfcVB7dvLUA8h6igXQTsFUG9rNQGuqDaFRcrpf5APcSBrIgrqctuxLJRC7ACLA4OBZduUTgHZ04DifMhjhj5_xOpQOnMWshNCgKJUTS8PxecmaqPWq8G05pgPAuU_zVYBj4xhPXni0inB9uA2lSD2HEtEbzr9PJIWgpG0heV0P6hutsPvEQjodOhggKQ2hX5i2BCFMuroCwlHz8HNE60Z0vcfEFECq8wvUcRqjmfFSx0tve4XDXU-2i_C9G

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: http://aviadejavu.ru/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 14:19:05 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 0
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 73F3 42 B
155 B 42ms
41ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjssh7p5ovYthgWzp0eKs_-KfBgiP4zhlUzPmURzrEATSGak1elsbsykMow5CohkHIT2Tu5qAvbTCbPs1dM8is5jil6Q6zzCCgRWEhw1skNaGrWH2hAY7VQ&sai=AMfl-YSYXHm94cX7HhJW8IjywkOli5CnzDZjZQn2wP612pdbLHcL6uRi9_N87icWUXQFxStclauwzn3dhiYI&sig=Cg0ArKJSzPEWEdCD233jEAE&id=osdim&mcvt=1000&p=1042,11,1218,198&mtos=0,1000,1000,1000,1000&tos=0,1000,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=0.9&if=1&app=0&itpl=22&adk=3378118159&rs=2&met=mue&la=0&cr=1&osd=1&vs=4&rst=1614867544638&dlt=568&rpt=66&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 14:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

GET
H3-Q050 200 activeview Show response
pagead2.googlesyndication.com/pcs/ Frame 970E 42 B
66 B 41ms
40ms Fetch
image/gif 2a00:1450:4001:809::2002
GOOGLE

General

Check archive.org

Show headers Download Go to

Full URL

https://pagead2.googlesyndication.com/pcs/activeview?xai=AKAOjsu4kEnz6x19tdkq5_5mCMpdgRTA7ChsrTfVJLVfdvyN44by6_mD2GwMMOiiPf0JZq44wRC9sA4CfWHNgdnf1LHUBa3lCsEB-MGEWXmE_mIhXUVN2eWyUYZh_LfQxA&sai=AMfl-YS62Ap56iNtiJ4s-hIz3n1dr-OGInjtra5qNL5ZuArsAQKEflGD2W2XdmgexU6AsNk_g1HQDbn19fBV&sig=Cg0ArKJSzLMyltWLgZE2EAE&id=osdim&mcvt=1003&p=57,860,147,1588&mtos=1003,1003,1003,1003,1003&tos=1003,0,0,0,0&v=20210303&bin=7&avms=nio&bs=0,0&mc=1&if=1&app=0&itpl=22&adk=3659215450&rs=2&met=mue&la=0&cr=0&osd=1&vs=4&rst=1614867544587&dlt=580&rpt=125&isd=0&msd=0&r=v&uup=0

Requested by

Host: www.googletagservices.com
URL: https://www.googletagservices.com/activeview/js/current/rx_lidar.js?cache=r20110914

Protocol

H3-Q050

Security

QUIC, , AES_128_GCM

Server

2a00:1450:4001:809::2002 Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),

Reverse DNS

Software

cafe /

Resource Hash

ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629

Security Headers

Name	Value
X-Content-Type-Options	nosniff
X-Xss-Protection	0

Request headers

Referer: https://googleads.g.doubleclick.net/
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36

Response headers

pragma: no-cache
date: Thu, 04 Mar 2021 14:19:06 GMT
x-content-type-options: nosniff
server: cafe
timing-allow-origin: *
p3p: policyref="https://www.googleadservices.com/pagead/p3p.xml", CP="NOI DEV PSA PSD IVA IVD OTP OUR OTR IND OTC"
access-control-allow-origin: *
cache-control: no-cache, must-revalidate
cross-origin-resource-policy: cross-origin
content-type: image/gif
alt-svc: h3-29=":443"; ma=2592000,h3-T051=":443"; ma=2592000,h3-Q050=":443"; ma=2592000,h3-Q046=":443"; ma=2592000,h3-Q043=":443"; ma=2592000,quic=":443"; ma=2592000; v="46,43"
content-length: 42
x-xss-protection: 0
expires: Fri, 01 Jan 1990 00:00:00 GMT

Verdicts & Comments Add Verdict or Comment

85 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

6 Cookies

Cookies are little pieces of information stored in the browser of a user. Whenever a user visits the site again, he will also send his cookie values, thus allowing the website to re-identify him even if he changed locations. This is how permanent logins work.

Domain/Path	Expires	Name / Value
.google.com/	1970-01-19 20:57:58	Name: NID Value: 210=LCmwHzPoqNRHgRNWppddPHHcXZ01m6JudA7BTX9nSvuR8SNMJMWU0wVZc2bCAJSwsbsGAax80qnVzN6AwhrQIVtlN3tlyBPQiTx7ZC7hO6dSv5RDkacwro75coDqZNpM1P7zkDt8494qA3I8gM7aoA09YR4ZAQuuCxY2XfQXHzA
.aviadejavu.ru/	1970-01-20 01:56:03	Name: __gads Value: ID=5f0b79c59df473f1-22219fe4a7ba007b:T=1614867544:RT=1614867544:S=ALNI_MYMYtuJyo5jaWR8893cjnWMvR9Xfw
.doubleclick.net/	1970-01-20 01:56:03	Name: IDE Value: AHWqTUlYv4YyufOl2WKJTgWfW3aLAfCA9CSNYUjnDpIOUNshzJKLSHhygxbREYq26z4
.aviadejavu.ru/	1970-01-19 16:35:39	Name: _ym_isad Value: 2
.aviadejavu.ru/	1970-01-20 01:20:03	Name: _ym_d Value: 1614867544
.aviadejavu.ru/	1970-01-20 01:20:03	Name: _ym_uid Value: 1614867544323165286

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

accounts.google.com
adservice.google.com
adservice.google.de
apis.google.com
aviadejavu.disqus.com
aviadejavu.ru
c.disquscdn.com
disqus.com
fonts.googleapis.com
fonts.gstatic.com
googleads.g.doubleclick.net
mc.yandex.ru
pagead2.googlesyndication.com
partner.googleadservices.com
referrer.disqus.com
ssl.gstatic.com
tpc.googlesyndication.com
www.facebook.com
www.google.com
www.google.ru
www.googletagservices.com
www.gstatic.com
109.94.209.30
142.250.186.34
151.101.12.134
151.101.128.134
2606:4700::6812:a913
2a00:1450:4001:801::200e
2a00:1450:4001:802::2002
2a00:1450:4001:802::2003
2a00:1450:4001:802::200d
2a00:1450:4001:803::2003
2a00:1450:4001:808::2002
2a00:1450:4001:809::2001
2a00:1450:4001:809::2002
2a00:1450:4001:813::2004
2a00:1450:4001:813::200a
2a00:1450:4001:827::2003
2a00:1450:4001:828::2002
2a00:1450:4001:82b::2003
2a02:6b8::1:119
2a03:2880:f11c:8183:face:b00c:0:25de
0638c52cdbd134e34bf705b4c1276a777ca646653fbc60b1dd3bc118049ac70b
10137f4ee9d49a1cff0832bc15faa9a752754455f05ea4051369114cede70259
15f902d965e543f110b5e4646c5664ddde52e267885f7ccd9d0c2046575a569b
161d02cbbcbf83d12d0b9865720afeec1752da7e1c1a567915d2d1be180ff44c
18088c10e79c926292732af98a0ce470e90f3fbcba4bb4896ab3310c2d94e421
1978a4ee69da239598bb125337b800e269f623839719a7da45e7f7cf2ba1a9bd
1b1156042a71ba6ffe43b2bb4a183d05547704b944198c649b2dc4db587a4675
1daab0f66666bc3a1d05d70de979a80680d985cc924e233fab61eef2d03bafe2
1e1c822470d325b38fd87240b73a521e02494e6edd6fb2d6a4dfe6d6753a1dcb
1e93f66cbe9b485135f0c8bbc9eaccf882ded6eb71daadde99a8426f6db7cb31
1ed959da37d0d2b2d5914b05e48e1fa5ac5a6a4852f4f03993fe18bfb1e553de
20b6097504aed42f81fd7492b0e20ee87c7e7d8f9e0a367081741ec0c405f740
2904717ea157bebac20a7fc0d1981894a88be32398be23fde6b4d9d4ed1429a8
3635c344f2b0ca919ed83832e3221f4d1341776d042a65266a647d3f318c9786
3d569eeefef9a575aabff98133e48a200745e6a6e56ef45161c6d1e25f02946d
43d30a80022bf318fdc0130b5b56ee092d4b34a4a82c054e7e32258a743650c5
49e1dcef611a905b866974d135554059ecd77a0ae022553178ec359ea0b64504
4bc4b0f6fead62bc07c4de3855c60649fe19465fff6e76cd0cd032eed4feb9a0
4ec83995bfd2309254a85befc0caf11908e3cf4fc5cc8f73366ca21e7860f1ca
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
559f31f31689c3362078aa438745222031527bf4a4d0711066350e8517a9d5a6
56acd8ae8431658294655f7f7f59c0f4a80c1a02792068861174b5a75ad96833
580cd288e532d5fa0e3727270352572dc543b9434604f2676332aab8e3bfd2ae
5a9321d896fc8f0e73852062de628f988de17b019dd033929d8db212448e1ac1
5afe8cd08739c4ec84d9ed513294514e2c5090622420c506387d8ffb39c64231
5bd9ca2f57b6c388332dd095d8c9be87dc71c2e1b78b843515ae758fe05a1223
6943957e4b964cc65fc87e179660a7392e22c28524d51e76f99695d0697c7046
6b6dad2faed1addb1265651670c53f714d19d033370ac2c8711cfc34638bee1c
6edbfab29a63a2b187cae1b33ce99c6b6eafb51f80b485aa9dd0dc01549a9879
704d0d3da6cd158841779485200573d774009ed765dfe9f91cee6f3c0fafcba9
764b9e9f3ad386aaa5cdeae9368353994de61c0bede087c8f7e3579cb443de3b
7a393e9d296c3cebf5f4f0c00ba50e91578532530eff488fb533668c441fe2fe
7b0b572a90abb3fce27b9dc1f79145706c7bcc6cc3ac84c8f501d344132816d8
7de7b85676544f7c233fc463b357f8ce4a41d7672cd4c613e623ba45f6d3afe7
873aed697d352242a06cc0e1961d2503173d4cbe93713671731d6b8928961745
90b6800137e78c79db62d1be1ff0f08fc258bb1bcdbdfefec18a88e78e9e3e3b
984e8e9d84e7255127da41ce973bb4d7a4884fa32f76d37440b546990ea42226
9cdb4dd08ba584cdf21b63932a8834d79969701403ef62afb63f0c6f436e6c0f
a4a1824defec1084ca81d496ee77891684c26196924bdc4fc21dd3482ce15e14
aa7b6c81e85551eeb5c4809f1e683efa0b780c33d12ddfc2067a1b136803e45a
b357031291532d150c46b043668f07f82f8074c01eddfbe886b90f8dd6755b31
b3ac4203f675a8aff1dc0620d445b256bd58ecfb87cb0403df60525025a5f398
b484e8986a3a987e1d19988254ba48ad51b9adba23a2baff157b93fab401b7e7
b7221f02166f6c4ed17bbb9ea99442512789972773f4d8a7e73499939a6f364d
b909e7b0511a43bcc45eaac4e13d7414b377babebb31b6c7fb1c001ff42d0c15
baad5a7d7e3c84cbd59b7ac129ecbbae3749e3239bb91ec7f4869ccbbbea2011
c04c7a578734441a2e3c552ab6f21ab2267c67f786cbadd64d4166d9721f7113
c1108b6bfbf983f232acdf0edbf78801061b2160cf903bb1ca8bfd611aa74f65
c214d8a259978d8a932e57874a18fd3ea5a5cab6d980e12aebf3ed36edc09f49
c27ad5ff9062de09eb9d1c3a0fdbf9aa1ad0d28f8a5ec1f90f067c10117e67ed
c312c8dcff723c5dcea1f1fc9cc0de63d9c7f29783cc9a0a4a1239c7619b5c7e
c4e13b675150973ba2454260044d6d1482f83150e3d38ac483e19a888464fcfc
c556c5b34285e0e5c5c1514fee3c8a520dda9e53844e64166dba98d7a91e4e5a
c7d2d49b9428a987451a1772079b486c6a2c942a99038c6553a062ff2a16508d
ce6631844549cac47b03a098a1da3411e890e477fcf18ddc610756a2d59dd49a
ceda176129f726613d72fadf7bc96c7ac92dc811cb7011ebb77ec8e44a2c734a
cf4724b2f736ed1a0ae6bc28f1ead963d9cd2c1fd87b6ef32e7799fc1c5c8bda
d867623333ac0b5c78e80b4b03c391da84b4dda61c23ac9c5320d82364bbfd4f
d9cebb89ed3e16a74386f743f3fc12fe98cb4fc5c11f03af5febdf1141ca6a39
dba8373b77d5f4fe9610ef894b1f473168b17582506353d3d88939277b271a82
dbef5e5530003b7233e944856c23d1437902a2d3568cdfd2beaf2166e9ca9139
e2b04100564fd9141d7acbd40482d40a3c5b4af2cf25b2cf8726b5608841d61a
e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855
e6e0920d3d95b17087f2b007f3c1204b02f51bfead9b49d2f6c86f9e48e73a42
e78c14aeb9435fd03f67ad2ee4c45e18bfcfc100a4c62c8bd886324ce6296f77
ebf89e2f0560aea7b1622de8a98e67c89d416cced032c516366c91d83ff5a54f
ec39d61880ed1dd20638e96ead60ce039d5af166fff3d06c7c2d6d7b101796e3
ed12b8f75afb8edd258e8bcbd195c0a2e75ba94b4d87608ab3952e9e03cd0a5b
ed91fbb0cd9308f91f8e1fd93942c94ee850fc4161ed788b16f801b743c70b9b
ee085a2e9f597d8781fc17c659f9a27d409015b91d4dc1b99f4aabf6826a10ae
ee9c6a4f42b58c1e5510e51ae50357b73899ec32fdd88c9f69349ce9af693ab2
ef1955ae757c8b966c83248350331bd3a30f658ced11f387f8ebf05ab3368629
ef954292f81e61ddd5040cda76768e482ebd9d3540b6710cae559f520db49905
f199a20f1fee7dec152b3591272f9715b536ed88b4c36194488fd5a734caf707
f903269ba330d7c790fb2248216c0767e86ba38eaa8398369c3ab70167cb6348
fba5c0a661b19d494c228f97fc1742dd09351113038f100dc73df09c5f067a2f
fe3b9ec903128a4464bdabd33a33265476786fb1b7e8558908754e69c18c5dd1

aviadejavu.ru Open in urlscan Pro 109.94.209.30 Public Scan

Summary

urlscan.io Verdict: No classification

Domain & IP information

Screenshot Live screenshot Full Image

Detected technologies

Page Statistics

92 Requests

80 %HTTPS

80 %IPv6

14 Domains

22 Subdomains

20 IPs

4 Countries

1527 kBTransfer

3356 kBSize

6 Cookies

3 Outgoing links

Redirected requests

92 HTTP transactions Everything HTML Script AJAX CSS Image Expand all 2 data transactions

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Redirect headers

Request headers

Response headers

Request headers

aviadejavu.ru Open in urlscan Pro
109.94.209.30 Public Scan

Screenshot
Live screenshot

Full Image

92
Requests

80 %
HTTPS

80 %
IPv6

14
Domains

22
Subdomains

20
IPs

4
Countries

1527 kB
Transfer

3356 kB
Size

6
Cookies

92 HTTP transactions
2 data transactions