urlscan.io logo urlscan.io
SecurityTrails logo

ns1.novosib.su Open in urlscan Pro
82.146.49.34  Public Scan

Go To Rescan Add Verdict Report
URL: http://ns1.novosib.su/
Submission Tags: cccp su l4ing sub ns ru dns h8 ns1 Search All
Submission: On February 03 via manual from UA — Scanned from DE
 Behaviour Indicators
Similar DOM Content API
Verdicts

Summary

This website contacted 6 IPs in 3 countries across 8 domains to perform 22 HTTP transactions. The main IP is 82.146.49.34, located in Irkutsk, Russian Federation and belongs to RU-JSCIOT, RU. The main domain is ns1.novosib.su.
This is the only time ns1.novosib.su was scanned on urlscan.io!

urlscan.io Verdict: No classification

Domain & IP information

IP Address AS Autonomous System
1 10 82.146.49.34 29182 (RU-JSCIOT)
1 2a00:1450:400... 15169 (GOOGLE)
1 2 178.208.83.27 210079 (EUROBYTE ...)
5 10 2a02:6b8::1:119 208722 (GLOBAL_DC)
5 2a02:6b8:20::215 208722 (GLOBAL_DC)
1 2a00:1450:400... 15169 (GOOGLE)
22 6
10    82.146.49.34 (Irkutsk, Russian Federation)

ASN29182 (RU-JSCIOT, RU)
PTR: arast.ru
ns1.novosib.su
2994662.ru
1    2a00:1450:4001:80b::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
fonts.googleapis.com
2    178.208.83.27 (Amsterdam, Netherlands)

ASN210079 (EUROBYTE Eurobyte LLC, RU)
PTR: s23.h.mchost.ru
webfonts.ru
10    2a02:6b8::1:119 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
mc.yandex.ru
mc.yandex.com
5    2a02:6b8:20::215 (Moscow, Russian Federation)

ASN208722 (GLOBAL_DC, FI)
site.yandex.net
yastatic.net
1    2a00:1450:4001:831::200a (Frankfurt am Main, Germany)

ASN15169 (GOOGLE, US)
ajax.googleapis.com
Apex Domain
Subdomains		 Transfer
8 2994662.ru
2994662.ru
304 KB
7 yandex.com
mc.yandex.com — Cisco Umbrella Rank: 9092
3 KB
4 yandex.net
site.yandex.net — Cisco Umbrella Rank: 106634
29 KB
3 yandex.ru
mc.yandex.ru — Cisco Umbrella Rank: 3735
58 KB
2 webfonts.ru
webfonts.ru
259 B
2 googleapis.com
fonts.googleapis.com — Cisco Umbrella Rank: 34
ajax.googleapis.com — Cisco Umbrella Rank: 295
35 KB
2 novosib.su
ns1.novosib.su
35 KB
1 yastatic.net
yastatic.net — Cisco Umbrella Rank: 7088
28 KB
22 8
Domain Requested by
8 2994662.ru 1 redirects ns1.novosib.su
2994662.ru
7 mc.yandex.com 3 redirects ns1.novosib.su
4 site.yandex.net ns1.novosib.su
site.yandex.net
3 mc.yandex.ru 2 redirects ns1.novosib.su
2 webfonts.ru 1 redirects 2994662.ru
2 ns1.novosib.su ns1.novosib.su
1 yastatic.net site.yandex.net
1 ajax.googleapis.com ns1.novosib.su
1 fonts.googleapis.com ns1.novosib.su
22 9

This site contains links to these domains. Also see Links.

Domain
2994662.ru
osnova.novosib.su
Subject Issuer Validity Valid
mc.yandex.ru
GlobalSign ECC OV SSL CA 2018		 2022-10-18 -
2023-03-30		 5 months crt.sh
*.yastatic-net.ru
GlobalSign ECC OV SSL CA 2018		 2023-02-01 -
2023-08-01		 6 months crt.sh

This page contains 1 frames:

Primary Page: http://ns1.novosib.su/
Frame ID: 9C6AD52D9C3A0F505533661E30011BF7
Requests: 22 HTTP requests in this frame

Screenshot
Live screenshot
Full Image

Page Title

Торгово-монтажная компания СВЕТЛИЦА Новосибирск

Detected technologies

Overall confidence: 100%
Detected patterns
  • <link[^>]* href=[^>]+fonts\.(?:googleapis|google)\.com
Overall confidence: 100%
Detected patterns
  • mc\.yandex\.ru/metrika/(?:tag|watch)\.js
Overall confidence: 100%
Detected patterns
  • /([\d.]+)/jquery(?:\.min)?\.js
  • jquery.*\.js(?:\?ver(?:sion)?=([\d.]+))?

Page Statistics

22
Requests

27 %
HTTPS

67 %
IPv6

8
Domains

9
Subdomains

6
IPs

3
Countries

488 kB
Transfer

772 kB
Size

12
Cookies

Redirected requests

There were HTTP redirect chains for the following requests:

Request Chain 4
  • http://2994662.ru/plugins/captcha/crypt/cryptographp.php?cfg=0&PHPSESSID=ta7fmrv069vhb1jcmd776d19m0 HTTP 302
  • http://2994662.ru/plugins/captcha/crypt/cryptographp.inc.php?cfg=0&sn=PHPSESSID&PHPSESSID=ur197dbdfn2e725cuag08cip90
Request Chain 7
  • http://webfonts.ru/import/alfios.css HTTP 302
  • https://webfonts.ru/import/alfios.css
Request Chain 14
  • https://mc.yandex.com/sync_cookie_image_check HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9903.emZgjSrfNPRHwPbMJncA4X9s8aWqF-EJOAkzthyoWag_yIjrL5VmPVhH-rOJ98Bu.ei8kUg0ZoAoFZa3cBYdUdxyo034%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide?token=9903.iXUUDfEIW3ghBO4zzMwLRqYe_YWoUMRDy6_FSFrgKDqhToC7lmdSSzT6fPGGhEWpcBnt1Fmd9F80xaBn6ohTnM9F3Zz9BVqXHrW1exNYZCI%2C.gCbCXNIhM04gcjKGJyeQ3zSo3Zg%2C
Request Chain 19
  • https://mc.yandex.com/watch/43193364?wmode=7&page-url=http%3A%2F%2Fns1.novosib.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A1783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1275447359710%3Ahid%3A482569322%3Az%3A0%3Ai%3A20230203162410%3Aet%3A1675441451%3Ac%3A1%3Arn%3A69127761%3Arqn%3A1%3Au%3A1675441451251901360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A432%2C59%2C126%2C7%2C%2C0%2C%2C1218%2C6%2C%2C%2C%2C1843%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675441448810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675441451%3At%3A%D0%A2%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D0%BE-%D0%BC%D0%BE%D0%BD%D1%82%D0%B0%D0%B6%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%D0%A1%D0%92%D0%95%D0%A2%D0%9B%D0%98%D0%A6%D0%90%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D0%B8%D0%B1%D0%B8%D1%80%D1%81%D0%BA&t=gdpr(14)clc(0-0-0)rqnt(1)aw(1)ti(2) HTTP 302
  • https://mc.yandex.com/watch/43193364/1?wmode=7&page-url=http%3A%2F%2Fns1.novosib.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A1783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1275447359710%3Ahid%3A482569322%3Az%3A0%3Ai%3A20230203162410%3Aet%3A1675441451%3Ac%3A1%3Arn%3A69127761%3Arqn%3A1%3Au%3A1675441451251901360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A432%2C59%2C126%2C7%2C%2C0%2C%2C1218%2C6%2C%2C%2C%2C1843%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675441448810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675441451%3At%3A%D0%A2%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D0%BE-%D0%BC%D0%BE%D0%BD%D1%82%D0%B0%D0%B6%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%D0%A1%D0%92%D0%95%D0%A2%D0%9B%D0%98%D0%A6%D0%90%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D0%B8%D0%B1%D0%B8%D1%80%D1%81%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Request Chain 20
  • https://mc.yandex.com/sync_cookie_image_check_secondary HTTP 302
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9903.WpWkbvE4n-Wud8QHWGa6oUoXM5yLR-uFNS3j0z9camQgHpPFoRPV-NbIK1eevyA1.Vr_pRD6QCxeCWyX4EORYymv1shk%2C HTTP 302
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9903.iiNYbt5UZORXbiDJOhTunFBC0vgFXazL-s1SfEfj9CVqoehu-iQjODBfD6M2CdQGml6_3hAydOe7ZHrry7Y0Xa-ZwqLY12Yq8H6-m6-wPHI%2C.cqHAlKOXpyPL_phg8lW1KAX-ZXA%2C

22 HTTP transactions

Resource
Path		 Size
x-fer		 Type
MIME-Type
Primary Request /
ns1.novosib.su/ 		9 KB
9 KB 		Document
General
Check archive.org
Download Go to
Full URL
http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 / PHP/5.3.29
Resource Hash
9da5788842e077ace970515a1f75583b1ffb34e408dfb8869b8f966a5847687f

Request headers

Upgrade-Insecure-Requests
1
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
accept-language
de-DE,de;q=0.9

Response headers

Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Content-Type
text/html; charset=UTF-8
Date
Fri, 03 Feb 2023 16:24:09 GMT
Expires
Thu, 19 Nov 1981 08:52:00 GMT
Pragma
no-cache
Server
nginx/1.14.1
Transfer-Encoding
chunked
X-Powered-By
PHP/5.3.29
frontend_site.minify.css
2994662.ru/tmp/minify/ 		33 KB
33 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://2994662.ru/tmp/minify/frontend_site.minify.css
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 /
Resource Hash
2ef1e3aacf4ed7c65fb9138683f29128fa96f338d3c26f15d3ccd52792d659f4

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:10 GMT
Last-Modified
Mon, 10 Apr 2017 11:15:15 GMT
Server
nginx/1.14.1
ETag
"58eb6943-83a3"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
33699
jquery.fancybox.css
2994662.ru/plugins/fancybox/lib/source/ 		4 KB
5 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://2994662.ru/plugins/fancybox/lib/source/jquery.fancybox.css
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 /
Resource Hash
44ce7be5b22ba80e67c3f7cc0c3682ba98f3aab5def5332bff9fef1d83bac579

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:10 GMT
Last-Modified
Sun, 30 Jun 2013 15:29:05 GMT
Server
nginx/1.14.1
ETag
"51d04ec1-1124"
Content-Type
text/css
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
4388
css
fonts.googleapis.com/ 		5 KB
1 KB 		Stylesheet
General
Check archive.org
Download Go to
Full URL
http://fonts.googleapis.com/css?family=Open+Sans:300,700
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
2a00:1450:4001:80b::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
ESF /
Resource Hash
0483f50764e4033c7878313489a7476a6736c209bc0a9bc033fb691c92059fee
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Frame-Options SAMEORIGIN
X-Xss-Protection 0

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:09 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Transfer-Encoding
chunked
Cross-Origin-Resource-Policy
cross-origin
X-XSS-Protection
0
Last-Modified
Fri, 03 Feb 2023 16:24:09 GMT
Server
ESF
Cross-Origin-Opener-Policy
same-origin-allow-popups
X-Frame-Options
SAMEORIGIN
Content-Type
text/css; charset=utf-8
Access-Control-Allow-Origin
*
Cache-Control
private, max-age=86400, stale-while-revalidate=604800
Timing-Allow-Origin
*
Link
<http://fonts.gstatic.com>; rel=preconnect; crossorigin
Expires
Fri, 03 Feb 2023 16:24:09 GMT
logo.png
ns1.novosib.su/public/themes/default/img/ 		26 KB
26 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://ns1.novosib.su/public/themes/default/img/logo.png
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 /
Resource Hash
55889832b9b3e90aae36d2d8846ddf3361452e49baf2293f4e12bdba56e470e8

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:09 GMT
Last-Modified
Mon, 10 Apr 2017 11:03:51 GMT
Server
nginx/1.14.1
ETag
"58eb6697-66bc"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
26300
cryptographp.inc.php
2994662.ru/plugins/captcha/crypt/
Redirect Chain
  • http://2994662.ru/plugins/captcha/crypt/cryptographp.php?cfg=0&PHPSESSID=ta7fmrv069vhb1jcmd776d19m0
  • http://2994662.ru/plugins/captcha/crypt/cryptographp.inc.php?cfg=0&sn=PHPSESSID&PHPSESSID=ur197dbdfn2e725cuag08cip90
2 KB
2 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://2994662.ru/plugins/captcha/crypt/cryptographp.inc.php?cfg=0&sn=PHPSESSID&PHPSESSID=ur197dbdfn2e725cuag08cip90
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 / PHP/5.3.29
Resource Hash
318128f2b826a3e845f9864c99f362ae767d8d618676f8ab4ee2ec2dfc74877b

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 16:24:10 GMT
Server
nginx/1.14.1
X-Powered-By
PHP/5.3.29
Transfer-Encoding
chunked
Content-Type
image/png
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT

Redirect headers

Pragma
no-cache
Date
Fri, 03 Feb 2023 16:24:10 GMT
Server
nginx/1.14.1
X-Powered-By
PHP/5.3.29
Transfer-Encoding
chunked
Content-Type
text/html
Location
cryptographp.inc.php?cfg=0&sn=PHPSESSID&PHPSESSID=ur197dbdfn2e725cuag08cip90
Cache-Control
no-store, no-cache, must-revalidate, post-check=0, pre-check=0
Connection
keep-alive
Expires
Thu, 19 Nov 1981 08:52:00 GMT
reload.png
2994662.ru/plugins/captcha/crypt/images/ 		454 B
692 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://2994662.ru/plugins/captcha/crypt/images/reload.png
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 /
Resource Hash
1b8e4cd162bc30e6ab09211da92a822ef533cbe3834d57ccaf0ce2a684167f46

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:10 GMT
Last-Modified
Sun, 30 Jun 2013 15:24:25 GMT
Server
nginx/1.14.1
ETag
"51d04da9-1c6"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
454
frontend_site.minify.js
2994662.ru/tmp/minify/ 		23 KB
24 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://2994662.ru/tmp/minify/frontend_site.minify.js
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 /
Resource Hash
f9b16027ae87c4eb84d93d0f133820b241f1164616a278f2a3f28bcee0228d8e

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:10 GMT
Last-Modified
Sun, 26 Feb 2017 14:34:30 GMT
Server
nginx/1.14.1
ETag
"58b2e776-5d50"
Content-Type
application/javascript
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
23888
alfios.css
webfonts.ru/import/
Redirect Chain
  • http://webfonts.ru/import/alfios.css
  • https://webfonts.ru/import/alfios.css
0
0 		Stylesheet
General
Check archive.org
Download Go to
Full URL
https://webfonts.ru/import/alfios.css
Requested by
Host: 2994662.ru
URL: http://2994662.ru/tmp/minify/frontend_site.minify.css
Protocol
H2
Server
178.208.83.27 Amsterdam, Netherlands, ASN210079 (EUROBYTE Eurobyte LLC, RU),
Reverse DNS
s23.h.mchost.ru
Software
/
Resource Hash

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2994662.ru/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Redirect headers

Date
Fri, 03 Feb 2023 16:24:10 GMT
Server
nginx
Vary
Accept-Encoding
Content-Type
text/html; charset=iso-8859-1
Location
https://webfonts.ru/import/alfios.css
Connection
keep-alive
Keep-Alive
timeout=5
Content-Length
221
watch.js
mc.yandex.ru/metrika/ 		162 KB
57 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.ru/metrika/watch.js
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
aea8d6d7292a79ae391517c8ec2c0f3b55c34b20c1eb330a24edaaadc4cca3d9
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 16:24:10 GMT
content-encoding
br
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-e351"
content-type
application/javascript
access-control-allow-origin
*
cache-control
max-age=3600
content-length
58193
expires
Fri, 03 Feb 2023 17:24:10 GMT
all.js
site.yandex.net/v2.0/js/ 		56 KB
18 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://site.yandex.net/v2.0/js/all.js
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
982688b33d3e0c33372d93cc231c10f3dce88da5dde86e0bbeaef7f7dc2187ed
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:10 GMT
Content-Encoding
gzip
Strict-Transport-Security
max-age=43200000; includeSubDomains;
NEL
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
Connection
keep-alive
Content-Length
17587
Last-Modified
Wed, 21 Dec 2022 12:50:10 GMT
Server
nginx/1.17.9
Etag
"7b527b9fc84084227131f270f7b148c4"
Vary
Accept-Encoding
Report-To
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
Content-Type
application/javascript
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=216013
Accept-Ranges
bytes
Timing-Allow-Origin
*
Keep-Alive
timeout=5
X-Robots-Tag
noindex, noarchive, nofollow
Expires
Mon, 06 Feb 2023 04:21:35 GMT
jquery.min.js
ajax.googleapis.com/ajax/libs/jquery/1.7.1/ 		92 KB
33 KB 		Script
General
Check archive.org
Download Go to
Full URL
http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
HTTP/1.1
Server
2a00:1450:4001:831::200a Frankfurt am Main, Germany, ASN15169 (GOOGLE, US),
Reverse DNS
Software
sffe /
Resource Hash
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
Security Headers
Name Value
X-Content-Type-Options nosniff
X-Xss-Protection 0

Request headers

Referer
http://ns1.novosib.su/
accept-language
de-DE,de;q=0.9
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36
Intervention
<https://www.chromestatus.com/feature/5718547946799104>; level="warning"

Response headers

Date
Fri, 03 Feb 2023 10:25:52 GMT
Content-Encoding
gzip
X-Content-Type-Options
nosniff
Age
21498
Content-Security-Policy-Report-Only
require-trusted-types-for 'script'; report-uri https://csp.withgoogle.com/csp/hosted-libraries-pushers
Cross-Origin-Resource-Policy
cross-origin
Content-Length
33333
X-XSS-Protection
0
Last-Modified
Tue, 03 Mar 2020 19:15:00 GMT
Server
sffe
Cross-Origin-Opener-Policy
same-origin; report-to="hosted-libraries-pushers"
Vary
Accept-Encoding
Report-To
{"group":"hosted-libraries-pushers","max_age":2592000,"endpoints":[{"url":"https://csp.withgoogle.com/csp/report-to/hosted-libraries-pushers"}]}
Content-Type
text/javascript; charset=UTF-8
Access-Control-Allow-Origin
*
Cache-Control
public, max-age=31536000, stale-while-revalidate=2592000
Accept-Ranges
bytes
Timing-Allow-Origin
*
Expires
Sat, 03 Feb 2024 10:25:52 GMT
bg.jpg
2994662.ru/public/themes/default/img/ 		38 KB
38 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://2994662.ru/public/themes/default/img/bg.jpg
Requested by
Host: 2994662.ru
URL: http://2994662.ru/tmp/minify/frontend_site.minify.css
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 /
Resource Hash
141ae18f6ca65c688d36f7c268dceb883ff097ac7250db740fb3d4fcac0036bb

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2994662.ru/tmp/minify/frontend_site.minify.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:10 GMT
Last-Modified
Sun, 30 Jun 2013 15:26:37 GMT
Server
nginx/1.14.1
ETag
"51d04e2d-97ab"
Content-Type
image/jpeg
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
38827
fon_girl1.png
2994662.ru/public/themes/default/img/ 		201 KB
201 KB 		Image
General
Check archive.org
Download Go to Show image
Full URL
http://2994662.ru/public/themes/default/img/fon_girl1.png
Requested by
Host: 2994662.ru
URL: http://2994662.ru/tmp/minify/frontend_site.minify.css
Protocol
HTTP/1.1
Server
82.146.49.34 Irkutsk, Russian Federation, ASN29182 (RU-JSCIOT, RU),
Reverse DNS
arast.ru
Software
nginx/1.14.1 /
Resource Hash
2b32517dc2cb459e82ff2061491ba0bb378350782ca34adb4801b0a7a01afd31

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://2994662.ru/tmp/minify/frontend_site.minify.css
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

Date
Fri, 03 Feb 2023 16:24:10 GMT
Last-Modified
Sat, 08 Apr 2017 13:15:46 GMT
Server
nginx/1.14.1
ETag
"58e8e282-32314"
Content-Type
image/png
Connection
keep-alive
Accept-Ranges
bytes
Content-Length
205588
jquery.min.js
yastatic.net/jquery/1.6.2/ 		89 KB
28 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://yastatic.net/jquery/1.6.2/jquery.min.js
Requested by
Host: site.yandex.net
URL: http://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 16:24:10 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
28368
last-modified
Mon, 12 Nov 2018 13:13:42 GMT
server
nginx/1.17.9
etag
"57f5e4ce99f95e1eb0f18d52b65b6769"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/x-javascript
access-control-allow-origin
*
cache-control
public, max-age=31556952
x-nginx-request-id
21c31a522f38b45b
accept-ranges
bytes
timing-allow-origin
*
expires
Wed, 31 Jan 2024 14:04:29 GMT
sync_cookie_image_decide
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check
  • https://mc.yandex.ru/sync_cookie_image_start?redirect_domain=mc.yandex.com&token=9903.emZgjSrfNPRHwPbMJncA4X9s8aWqF-EJOAkzthyoWag_yIjrL5VmPVhH-rOJ98Bu.ei8kUg0ZoAoFZa3cBYdUdxyo034%2C
  • https://mc.yandex.com/sync_cookie_image_decide?token=9903.iXUUDfEIW3ghBO4zzMwLRqYe_YWoUMRDy6_FSFrgKDqhToC7lmdSSzT6fPGGhEWpcBnt1Fmd9F80xaBn6ohTnM9F3Zz9BVqXHrW1exNYZCI%2C.gCbCXNIhM04gcjKGJyeQ3zSo3Zg%2C
43 B
67 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide?token=9903.iXUUDfEIW3ghBO4zzMwLRqYe_YWoUMRDy6_FSFrgKDqhToC7lmdSSzT6fPGGhEWpcBnt1Fmd9F80xaBn6ohTnM9F3Zz9BVqXHrW1exNYZCI%2C.gCbCXNIhM04gcjKGJyeQ3zSo3Zg%2C
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 16:24:11 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide?token=9903.iXUUDfEIW3ghBO4zzMwLRqYe_YWoUMRDy6_FSFrgKDqhToC7lmdSSzT6fPGGhEWpcBnt1Fmd9F80xaBn6ohTnM9F3Zz9BVqXHrW1exNYZCI%2C.gCbCXNIhM04gcjKGJyeQ3zSo3Zg%2C
date
Fri, 03 Feb 2023 16:24:11 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block
advert.gif
mc.yandex.com/metrika/ 		43 B
137 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/metrika/advert.gif
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 16:24:11 GMT
strict-transport-security
max-age=31536000
last-modified
Thu, 19 Jan 2023 15:40:43 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
etag
"63c93a4b-2b"
content-type
image/gif
access-control-allow-origin
*
cache-control
max-age=3600
accept-ranges
bytes
content-length
43
expires
Fri, 03 Feb 2023 17:24:11 GMT
suggest.js
site.yandex.net/v2.0/js/ 		8 KB
3 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/suggest.js
Requested by
Host: site.yandex.net
URL: http://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 16:24:11 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
2610
last-modified
Wed, 21 Dec 2022 12:50:11 GMT
server
nginx/1.17.9
etag
"5905bc95497a3dcdd5543e8af9bb2553"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 06 Feb 2023 04:20:42 GMT
opensearch.js
site.yandex.net/v2.0/js/ 		22 KB
7 KB 		Script
General
Check archive.org
Download Go to
Full URL
https://site.yandex.net/v2.0/js/opensearch.js
Requested by
Host: site.yandex.net
URL: http://site.yandex.net/v2.0/js/all.js
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 16:24:11 GMT
content-encoding
br
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
6188
last-modified
Wed, 21 Dec 2022 12:50:10 GMT
server
nginx/1.17.9
etag
"1df256fb3e065fdf3b47b6ac51380393"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
application/javascript
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 06 Feb 2023 04:23:31 GMT
yandex-hint-rb.png
site.yandex.net/v2.0/i/ 		425 B
953 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://site.yandex.net/v2.0/i/yandex-hint-rb.png
Requested by
Host: ns1.novosib.su
URL: http://ns1.novosib.su/
Protocol
H2
Security
TLS 1.3, , AES_256_GCM
Server
2a02:6b8:20::215 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
nginx/1.17.9 /
Resource Hash
3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f
Security Headers
Name Value
Strict-Transport-Security max-age=43200000; includeSubDomains;

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 16:24:11 GMT
strict-transport-security
max-age=43200000; includeSubDomains;
nel
{"report_to": "network-errors", "max_age": 7200, "success_fraction": 0.001, "failure_fraction": 0.01}
content-length
425
last-modified
Wed, 21 Dec 2022 12:50:11 GMT
server
nginx/1.17.9
etag
"fbe624b4939c4538e386beffac5861f6"
vary
Accept-Encoding
report-to
{ "group": "network-errors", "max_age": 7200, "endpoints": [ { "url": "https://dr.yandex.net/nel"}]}
content-type
image/png
access-control-allow-origin
*
cache-control
public, max-age=216013
accept-ranges
bytes
timing-allow-origin
*
x-robots-tag
noindex, noarchive, nofollow
expires
Mon, 06 Feb 2023 04:23:07 GMT
1
mc.yandex.com/watch/43193364/
Redirect Chain
  • https://mc.yandex.com/watch/43193364?wmode=7&page-url=http%3A%2F%2Fns1.novosib.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A1783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3A...
  • https://mc.yandex.com/watch/43193364/1?wmode=7&page-url=http%3A%2F%2Fns1.novosib.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A1783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%...
454 B
757 B 		XHR
General
Check archive.org
Download Go to
Full URL
https://mc.yandex.com/watch/43193364/1?wmode=7&page-url=http%3A%2F%2Fns1.novosib.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A1783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1275447359710%3Ahid%3A482569322%3Az%3A0%3Ai%3A20230203162410%3Aet%3A1675441451%3Ac%3A1%3Arn%3A69127761%3Arqn%3A1%3Au%3A1675441451251901360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A432%2C59%2C126%2C7%2C%2C0%2C%2C1218%2C6%2C%2C%2C%2C1843%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675441448810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675441451%3At%3A%D0%A2%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D0%BE-%D0%BC%D0%BE%D0%BD%D1%82%D0%B0%D0%B6%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%D0%A1%D0%92%D0%95%D0%A2%D0%9B%D0%98%D0%A6%D0%90%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D0%B8%D0%B1%D0%B8%D1%80%D1%81%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
7bc0451a5272d3901e871a67f00d8ad710892aade2ed1c9393095778d0d3c362
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Content-Type-Options nosniff
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

pragma
no-cache
date
Fri, 03 Feb 2023 16:24:11 GMT
strict-transport-security
max-age=31536000
x-content-type-options
nosniff
last-modified
Fri, 03-Feb-2023 16:24:11 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
content-type
application/json; charset=utf-8
access-control-allow-origin
http://ns1.novosib.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
content-length
454
x-xss-protection
1; mode=block
expires
Fri, 03-Feb-2023 16:24:11 GMT

Redirect headers

pragma
no-cache
date
Fri, 03 Feb 2023 16:24:11 GMT
strict-transport-security
max-age=31536000
last-modified
Fri, 03-Feb-2023 16:24:11 GMT
accept-ch
Sec-CH-UA-Bitness, Sec-CH-UA-Arch, Sec-CH-UA-Full-Version, Sec-CH-UA-Mobile, Sec-CH-UA-Model, Sec-CH-UA-Platform-Version, Sec-CH-UA-Full-Version-List, Sec-CH-UA-Platform, Sec-CH-UA, UA-Bitness, UA-Arch, UA-Full-Version, UA-Mobile, UA-Model, UA-Platform-Version, UA-Platform, UA
location
/watch/43193364/1?wmode=7&page-url=http%3A%2F%2Fns1.novosib.su%2F&charset=utf-8&browser-info=pv%3A1%3Avf%3A3llbk0t3v1opl3fs6ve8z%3Afp%3A1783%3Afu%3A0%3Aen%3Autf-8%3Ala%3Aen-US%3Av%3A960%3Acn%3A1%3Adp%3A0%3Als%3A1275447359710%3Ahid%3A482569322%3Az%3A0%3Ai%3A20230203162410%3Aet%3A1675441451%3Ac%3A1%3Arn%3A69127761%3Arqn%3A1%3Au%3A1675441451251901360%3Aw%3A1600x1200%3As%3A1600x1200x24%3Ask%3A1%3Ads%3A432%2C59%2C126%2C7%2C%2C0%2C%2C1218%2C6%2C%2C%2C%2C1843%3Aco%3A0%3Acpf%3A1%3Antf%3A1%3Ans%3A1675441448810%3Aadb%3A2%3Arqnl%3A1%3Ast%3A1675441451%3At%3A%D0%A2%D0%BE%D1%80%D0%B3%D0%BE%D0%B2%D0%BE-%D0%BC%D0%BE%D0%BD%D1%82%D0%B0%D0%B6%D0%BD%D0%B0%D1%8F%20%D0%BA%D0%BE%D0%BC%D0%BF%D0%B0%D0%BD%D0%B8%D1%8F%20%D0%A1%D0%92%D0%95%D0%A2%D0%9B%D0%98%D0%A6%D0%90%20%D0%9D%D0%BE%D0%B2%D0%BE%D1%81%D0%B8%D0%B1%D0%B8%D1%80%D1%81%D0%BA&t=gdpr%2814%29clc%280-0-0%29rqnt%281%29aw%281%29ti%282%29
access-control-allow-origin
http://ns1.novosib.su
cache-control
private, no-cache, no-store, must-revalidate, max-age=0
access-control-allow-credentials
true
x-xss-protection
1; mode=block
expires
Fri, 03-Feb-2023 16:24:11 GMT
sync_cookie_image_decide_secondary
mc.yandex.com/
Redirect Chain
  • https://mc.yandex.com/sync_cookie_image_check_secondary
  • https://mc.yandex.ru/sync_cookie_image_start_secondary?redirect_domain=mc.yandex.com&token=9903.WpWkbvE4n-Wud8QHWGa6oUoXM5yLR-uFNS3j0z9camQgHpPFoRPV-NbIK1eevyA1.Vr_pRD6QCxeCWyX4EORYymv1shk%2C
  • https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9903.iiNYbt5UZORXbiDJOhTunFBC0vgFXazL-s1SfEfj9CVqoehu-iQjODBfD6M2CdQGml6_3hAydOe7ZHrry7Y0Xa-ZwqLY12Yq8H6-m6-wPHI%2C.cqHAlKOXpyPL_phg8l...
43 B
79 B 		Image
General
Check archive.org
Download Go to Show image
Full URL
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9903.iiNYbt5UZORXbiDJOhTunFBC0vgFXazL-s1SfEfj9CVqoehu-iQjODBfD6M2CdQGml6_3hAydOe7ZHrry7Y0Xa-ZwqLY12Yq8H6-m6-wPHI%2C.cqHAlKOXpyPL_phg8lW1KAX-ZXA%2C
Protocol
H2
Server
2a02:6b8::1:119 Moscow, Russian Federation, ASN208722 (GLOBAL_DC, FI),
Reverse DNS
Software
/
Resource Hash
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
Security Headers
Name Value
Strict-Transport-Security max-age=31536000
X-Xss-Protection 1; mode=block

Request headers

accept-language
de-DE,de;q=0.9
Referer
http://ns1.novosib.su/
User-Agent
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.5414.119 Safari/537.36

Response headers

date
Fri, 03 Feb 2023 16:24:11 GMT
strict-transport-security
max-age=31536000
content-length
43
x-xss-protection
1; mode=block
content-type
image/gif

Redirect headers

location
https://mc.yandex.com/sync_cookie_image_decide_secondary?token=9903.iiNYbt5UZORXbiDJOhTunFBC0vgFXazL-s1SfEfj9CVqoehu-iQjODBfD6M2CdQGml6_3hAydOe7ZHrry7Y0Xa-ZwqLY12Yq8H6-m6-wPHI%2C.cqHAlKOXpyPL_phg8lW1KAX-ZXA%2C
date
Fri, 03 Feb 2023 16:24:11 GMT
strict-transport-security
max-age=31536000
x-xss-protection
1; mode=block

Verdicts & Comments Add Verdict or Comment

9 JavaScript Global Variables

These are the non-standard "global" variables defined on the window object. These can be helpful in identifying possible client-side frameworks and code.

object| oncontentvisibilityautostatechange object| yandex_site_callbacks boolean| jQueryScriptOutputted function| initJQuery function| $ function| jQuery function| reviewsAdd object| Ya object| yaCounter43193364

12 Cookies

Domain/Path Name / Value
ns1.novosib.su/ Name: PHPSESSID
Value: ta7fmrv069vhb1jcmd776d19m0
.novosib.su/ Name: _ym_uid
Value: 1675441451251901360
.novosib.su/ Name: _ym_d
Value: 1675441451
.mc.yandex.com/ Name: sync_cookie_csrf
Value: 1332550972fake
.novosib.su/ Name: _ym_isad
Value: 2
.mc.yandex.ru/ Name: sync_cookie_csrf
Value: 2124236422fake
mc.yandex.com/ Name: yabs-sid
Value: 820965711675441451
.yandex.com/ Name: i
Value: UT0cH7nEmbgs8aEALX8+OP4TNrf7DZaXVvHMvuuQU8WONw45V2++REui7Qfgu0QGhfXO5RgAYQCqAV/l7VwKKZu1UUs=
.yandex.com/ Name: yandexuid
Value: 8615518971675441451
.yandex.com/ Name: yuidss
Value: 8615518971675441451
.yandex.com/ Name: ymex
Value: 1706977451.yc.1675441451#1706977451.yrts.1675441451#1706977451.yrtsi.1675441451
.novosib.su/ Name: _ym_visorc
Value: w

3 Console Messages

Source Level URL
Text
network error URL: https://webfonts.ru/import/alfios.css
Message:
Failed to load resource: the server responded with a status of 404 ()
javascript warning URL: http://ns1.novosib.su/(Line 100)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.
javascript warning URL: http://ns1.novosib.su/(Line 100)
Message:
A parser-blocking, cross site (i.e. different eTLD+1) script, http://ajax.googleapis.com/ajax/libs/jquery/1.7.1/jquery.min.js, is invoked via document.write. The network request for this script MAY be blocked by the browser in this or a future page load due to poor network connectivity. If blocked in this page load, it will be confirmed in a subsequent console message. See https://www.chromestatus.com/feature/5718547946799104 for more details.

Indicators

This is a term in the security industry to describe indicators such as IPs, Domains, Hashes, etc. This does not imply that any of these indicate malicious activity.

2994662.ru
ajax.googleapis.com
fonts.googleapis.com
mc.yandex.com
mc.yandex.ru
ns1.novosib.su
site.yandex.net
webfonts.ru
yastatic.net
178.208.83.27
2a00:1450:4001:80b::200a
2a00:1450:4001:831::200a
2a02:6b8:20::215
2a02:6b8::1:119
82.146.49.34
0483f50764e4033c7878313489a7476a6736c209bc0a9bc033fb691c92059fee
141ae18f6ca65c688d36f7c268dceb883ff097ac7250db740fb3d4fcac0036bb
1b8e4cd162bc30e6ab09211da92a822ef533cbe3834d57ccaf0ce2a684167f46
2b32517dc2cb459e82ff2061491ba0bb378350782ca34adb4801b0a7a01afd31
2ef1e3aacf4ed7c65fb9138683f29128fa96f338d3c26f15d3ccd52792d659f4
318128f2b826a3e845f9864c99f362ae767d8d618676f8ab4ee2ec2dfc74877b
3db7135d424b421c0c412fd4504afd0f744698be1df3f009027159627de5ff8f
44ce7be5b22ba80e67c3f7cc0c3682ba98f3aab5def5332bff9fef1d83bac579
548f2d6f4d0d820c6c5ffbeffcbd7f0e73193e2932eefe542accc84762deec87
55889832b9b3e90aae36d2d8846ddf3361452e49baf2293f4e12bdba56e470e8
7bc0451a5272d3901e871a67f00d8ad710892aade2ed1c9393095778d0d3c362
88171413fc76dda23ab32baa17b11e4fff89141c633ece737852445f1ba6c1bd
982688b33d3e0c33372d93cc231c10f3dce88da5dde86e0bbeaef7f7dc2187ed
9da5788842e077ace970515a1f75583b1ffb34e408dfb8869b8f966a5847687f
aea8d6d7292a79ae391517c8ec2c0f3b55c34b20c1eb330a24edaaadc4cca3d9
d16d07a0353405fcec95f7efc50a2621bc7425f9a5e8895078396fb0dc460c4f
dc41be78fcb3b0ca16fc52b3026f8120ada7e9c8b6c1f989d84431ff689276cd
de66288f054df7f389e8281f87fb0a9a05095149f4e96d13c32a1c3b61b1a4a3
f9b16027ae87c4eb84d93d0f133820b241f1164616a278f2a3f28bcee0228d8e